Daily NCSC-FI news followup 2020-11-07

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

threatpost.com/wordpress_open_to_attacks_welcart_bug/161037/ A security vulnerability in the Welcart e-Commerce plugin opens up websites to code injection. This can lead to payment skimmers being installed, crashing of the site or information retrieval via SQL injection, researchers said. Lisäksi:

www.wordfence.com/blog/2020/11/object-injection-vulnerability-in-welcart-e-commerce-plugin/

New Pay2Key ransomware encrypts networks within one hour

www.bleepingcomputer.com/news/security/new-pay2key-ransomware-encrypts-networks-within-one-hour/ A new ransomware called Pay2Key has been targeting organizations from Israel and Brazil, encrypting their networks within an hour in targeted attacks still under investigation. Michael Gillespie, the creator of ID Ransomware, has also seen submissions from Pay2Key victims predominantly from Brazilian IP addresses.

FBI: Hackers stole source code from US government agencies and private companies

www.zdnet.com/article/fbi-hackers-stole-source-code-from-us-government-agencies-and-private-companies/ The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses.

How Ryuk Ransomware operators made $34 million from one victim

www.bleepingcomputer.com/news/security/how-ryuk-ransomware-operators-made-34-million-from-one-victim/ One hacker group that is targeting high-revenue companies with Ryuk ransomware received $34 million from one victim in exchange for the decryption key that unlocked their computers. The threat actor is highly proficient at moving laterally inside a compromised network and erasing as much of their tracks as possible before detonating Ryuk ransomware.

Luxottica data breach exposes LensCrafters, EyeMed patient info

www.bleepingcomputer.com/news/security/luxottica-data-breach-exposes-lenscrafters-eyemed-patient-info/ A Luxottica data breach has exposed the personal and protected health information for patients of LensCrafters, Target Optical, EyeMed, and other eye care practices. Luxottica is the world’s largest eyewear company with a portfolio of well-known eyeglass brands, including Ray-Ban, Oakley, Oliver Peoples, Ferrari, Michael Kors, Bulgari, Armani, Prada, Chanel, and Coach.

Cisco Talos Advisory on Adversaries Targeting the Healthcare and Public Health Sector

blog.talosintelligence.com/2020/10/healthcare-advisory.html Cisco Talos has become aware that an adversary is leveraging Trickbot banking trojan and Ryuk ransomware to target U.S. hospitals and healthcare providers at an increasing rate.

You might be interested in …

Daily NCSC-FI news followup 2020-10-17

Google warned users of 33,000 state-sponsored attacks in 2020 www.bleepingcomputer.com/news/security/google-warned-users-of-33-000-state-sponsored-attacks-in-2020/ Google delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of state-sponsored phishing attacks targeting their accounts. Political campaign emails contain dark patterns to manipulate donors, voters www.zdnet.com/article/political-campaign-emails-contain-dark-patterns-to-manipulate-donors-voters/ Princeton researchers analyzed 100,000 different campaign emails from more […]

Read More

Daily NCSC-FI news followup 2021-08-22

Applen tietoja vuotanut työntekijä tuli katumapäälle Paljasti yhteisönsä jäseniä, jäi ilman minkäänlaista korvausta www.kauppalehti.fi/uutiset/applen-tietoja-vuotanut-tyontekija-tuli-katumapaalle-paljasti-yhteisonsa-jasenia-jai-ilman-minkaanlaista-korvausta/8cea66c6-e206-47b6-acb3-879f856c7445 Tiedot uusista, vielä julkaisemattomista Apple-tuotteista ovat kuumaa kamaa internetissä, koska laitteet ovat niin suosittuja ympäri maailman. Siksi niistä myös maksetaan, ja moni pyrkii saamaan haltuunsa salaisia tietoja. Tietovuotajien toiminta kiinnostaa luonnollisesti myös Applea. Motherboard on julkaissut artikkelin Apple-vuotajana pitkään toimineesta Andrej […]

Read More

Daily NCSC-FI news followup 2020-07-27

Alert (AA20-209A) Potential Legacy Risk from Malware Targeting QNAP NAS Devices us-cert.cisa.gov/ncas/alerts/aa20-209 CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) devices manufactured by the firm QNAP.. All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.