Daily NCSC-FI news followup 2020-11-18

Hackers are actively probing millions of WordPress sites

www.bleepingcomputer.com/news/security/hackers-are-actively-probing-millions-of-wordpress-sites/ Unknown threat actors are scanning for WordPress websites with Epsilon Framework themes installed on over 150, 000 sites and vulnerable to Function Injection attacks that could lead to full site takeovers.

Hacking group exploits ZeroLogon in automotive, industrial attack wave

www.zdnet.com/article/cicada-hacking-group-exploits-zerologon-launches-new-backdoor-in-automotive-industry-attack-wave/ The active cyberattack is thought to be the handiwork of Cicada, also tracked as APT10, Stone Panda, and Cloud Hopper.

Four Industrial Control System Vendors Warn of Critical Bugs

threatpost.com/ics-vendors-warn-critical-bugs/161333/ In addition to the Real Time Automation and Paradox bugs, high-severity flaws were made public by Sensormatic Electronics, a subsidiary of Johnson Controls, and ICS behemoth Schneider Electric.

Be Very Sparing in Allowing Site Notifications

krebsonsecurity.com/2020/11/be-very-sparing-in-allowing-site-notifications/ KrebsOnSecurity installed PushWelcome’s notifications on a brand new Windows test machine, and found that very soon after the system was peppered with alerts about malware threats supposedly found on the system. One notification was an ad for Norton antivirus; the other was for McAfee. Clicking either ultimately led to “buy now” pages at either Norton.com or McAfee.com.

Ransomware attack forces web hosting provider Managed.com to take servers offline

www.zdnet.com/article/web-hosting-provider-managed-shuts-down-after-ransomware-attack/ Managed.com, one of the biggest providers of managed web hosting solutions, has taken down all its servers in order to deal with a ransomware attack

The ransomware landscape is more crowded than you think

www.zdnet.com/article/the-ransomware-landscape-is-more-crowded-than-you-think/#ftag=RSSbaffb68 More than 25 Ransomware-as-a-Service (RaaS) portals are currently renting ransomware to other criminal groups. RaaS portals work by providing a ready-made ransomware code to other gangs. These gangs, often called RaaS clients or affiliates, rent the ransomware code, customize it using options provided by the RaaS, and then deploy in real-world attacks via a method of their choosing. RaaS offerings have been around since 2017, and they have been widely adopted as they allow non-technical criminal gangs to spread ransomware without needing to know how to code and deal with advanced cryptography concepts.

You might be interested in …

Daily NCSC-FI news followup 2019-10-06

HildaCrypt Ransomware Developer Releases Decryption Keys www.bleepingcomputer.com/news/security/hildacrypt-ransomware-developer-releases-decryption-keys/ The developer behind the HildaCrypt Ransomware has decided to release the ransomware’s private decryption keys. With these keys a decryptor can be made that would allow any potential victims to recover their files for free.. BleepingComputer had a conversation with the ransomware developer last night and was told […]

Read More

Daily NCSC-FI news followup 2020-01-03

Don’t Xiaomi pics of other people’s places! Chinese kitmaker fingers dodgy Boxing Day cache update after Google banishes it from Home www.theregister.co.uk/2020/01/03/google_blocks_xiaomi/ Xiaomi has blamed some post-Christmas cache digestion problems after finding itself plonked on the naughty step by Google which blocked the Chinese tech conglomerate’s devices from its Nest Hub and Assistant last night. […]

Read More

Daily NCSC-FI news followup 2019-07-05

Google Chrome to Unload Heavy Ads With Intensive Resource Usage www.bleepingcomputer.com/news/google/google-chrome-to-unload-heavy-ads-with-intensive-resource-usage/ Google is currently working on adding a new feature to the Chrome web browser designed to automatically unload ads which use an outrageous amount of system resources in an effort to shrink the browser’s CPU and network footprint. Samsung Update App with 10M+ Installs […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.