Daily NCSC-FI news followup 2020-10-15

Introducing a new phishing technique for compromising Office 365 accounts

o365blog.com/post/phishing/

Multiple members of QQAAZZ, a multinational cybercriminal group, were charged today in the US, Portugal, Spain, and the UK for providing money-laundering services to several high-profile malware operations including Dridex, Trickbot, and GozNym.

www.bleepingcomputer.com/news/security/qqaazz-group-charged-for-laundering-money-stolen-by-malware-gangs/

U.S. Bookstore giant Barnes & Noble has disclosed that they were victims of a cyberattack that may have exposed customers’ data.

www.bleepingcomputer.com/news/security/barnes-and-noble-hit-by-cyberattack-that-exposed-customer-data/

50000 home cameras reportedly hacked, footage posted online

www.welivesecurity.com/2020/10/14/50000-home-cameras-reportedly-hacked-footage-posted-online/

Ubisoft, Crytek data posted on ransomware gang’s site – Ransomware gang also threatened to leak the source code of an upcoming Ubisoft game.

www.zdnet.com/article/ubisoft-crytek-data-posted-on-ransomware-gangs-site/

Iranian state hacker group MuddyWater linked to Thanos ransomware deployments

www.zdnet.com/article/iranian-state-hacker-group-linked-to-ransomware-deployments/

New Emotet attacks use fake Windows Update lures

www.zdnet.com/article/new-emotet-attacks-use-fake-windows-update-lures/

Organizations worldwide – including Travelex – have been sent letters threatening to launch DDoS attacks on their network unless a $230K ransom is paid.

threatpost.com/travelex-ddos-extortion-campaign/160110/

Two New IoT Vulnerabilities Identified with Mirai Payloads

unit42.paloaltonetworks.com/iot-vulnerabilities-mirai-payloads/

Health Data Breaches in 2020: Ransomware Incidents Dominate – In 2020, 444 breaches affecting more than 21 million individuals have been reported

www.healthcareinfosecurity.com/health-data-breaches-in-2020-ransomware-incidents-dominate-a-15170

Morgan Stanley Fined $60 Million for failure to properly oversee the decommissioning of several data centers

www.bankinfosecurity.com/morgan-stanley-fined-60-million-for-data-protection-mishaps-a-15158

Singapore tightens security requirements for new home routers

www.zdnet.com/article/singapore-tightens-security-requirements-for-new-home-routers/#ftag=RSSbaffb68

Treasury Dept. Advisory Shines Spotlight on Ransomware Negotiators

www.darkreading.com/attacks-breaches/treasury-dept-advisory-shines-spotlight-on-ransomware-negotiators/d/d-id/1339169

The Important Difference Between Cybersecurity And Cyber Resilience (And Why You Need Both)

www.forbes.com/sites/bernardmarr/2020/10/14/the-important-difference-between-cybersecurity-and-cyber-resilience-and-why-you-need-both/

Cybersecurity: The Human Challenge – Findings from a global survey of 5, 000 IT managers

news.sophos.com/en-us/2020/10/14/cybersecurity-the-human-challenge/

Cybersecurity exercise boosts preparedness of EU Agencies to respond to cyber incidents

www.enisa.europa.eu/news/enisa-news/cybersecurity-exercise-boosts-preparedness-of-eu-agencies-to-respond-to-cyber-incidents

Disobey 2021 Hacker Challenge is live!

disobey.fi/2021/

You might be interested in …

Daily NCSC-FI news followup 2019-07-21

Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’ www.forbes.com/sites/zakdoffman/2019/07/20/russian-intelligence-has-been-hacked-with-social-media-and-tor-projects-exposed/#56b83da66b11 Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSBRussia’s Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and […]

Read More

Daily NCSC-FI news followup 2020-05-05

How Many Engineers Does It Take to Digitally Secure a Solar Panel? www.nist.gov/blogs/cybersecurity-insights/how-many-engineers-does-it-take-digitally-secure-solar-panel The headline for this blog post is not a trick question or the beginning of a bad joke. I asked this question maybe a bit facetiously when I met the National Cybersecurity Center of Excellence (NCCoE) energy sector team in late 2018. […]

Read More

Daily NCSC-FI news followup 2019-12-07

The Week in Ransomware – December 6th 2019 – ‘We have seen better days’ www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-6th-2019-we-have-seen-better-days/ With this article we are bringing you the latest ransomware news that occurred over the past two weeks. The news is a still a little light due to some of us taking vacations, but we should be back up to […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.