Daily NCSC-FI news followup 2020-11-23

Critical Controls 2021

www.cert.govt.nz/it-specialists/critical-controls/10-critical-controls/ CERT NZ's ten critical controls are designed to help you decide where best to spend your time and money. These have been developed based on the data and insights we received from reports and international threat feeds. The 2021 top ten list includes two new controls: "Provide and use a password manager" and "Secure internet-exposed services".

Malware in Minecraft mods

www.kaspersky.com/blog/minecraft-mod-adware-google-play/37717/ Unfortunately, as with any successful project, cybercriminals are eager for a piece of the action. Since July of this year, we have detected more than 20 apps on Google Play claiming to be modpacks for Minecraft, when in fact their primary purpose is to display ads on smartphones and tablets in an extremely intrusive manner. We explain what these apps are and how to protect Android devices against such threats.

Researchers Hacked And Stole A Tesla Model X In Just Minutes

www.forbes.com/sites/leemathews/2020/11/23/researchers-hacked-and-stole-a-tesla-model-x-in-just-minutes/ The attack exploits a weakness in the way Bluetooth communication between the vehicle and fob is handled. Remarkably, the equipment required to pull off the attack costs a measly $200. The core components are a Raspberry Pi, a replacement Tesla ECU (engine control unit) and a key fob. The KU Leuven team disclosed its findings to Tesla and a fix was pushed to vulnerable vehicles via an over-the-air update this summer. Still, it's a startling reminder of the capabilities today's skilled hacking teams possess.

Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control devices

cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/ In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of affordable wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network.

Shop securely online this Black Friday

www.ncsc.gov.uk/blog-post/shop-securely-online-this-black-friday With Black Friday and Cyber Monday fast approaching, it’s likely that shoppers will move online more than ever with most high street stores still closed. We have updated our online shopping guidance this week to give you the most up to date advice on how to stay secure whilst getting the best deals online.

Spotify Users Hit with Rash of Account Takeovers

threatpost.com/spotify-account-takeovers/161495/ vpnMentor's research team spotted an open Elasticsearch database containing more than 380 million individual records, including login credentials and other user data, actively being validated against Spotify accounts. The database in question contained over 72 GB of data, including account usernames and passwords verified on Spotify; email addresses; and countries of residence.

Brazilian government recovers from “worst-ever” cyberattack

www.zdnet.com/article/brazilian-government-recovers-from-worst-ever-cyberattack/ After suffering the most severe cyberattack ever orchestrated against a Brazilian public sector institution, the Superior Electoral Court (STJ, in the Portuguese acronym) has managed to get its systems back up and running, after more than two weeks facing disruption.

Joe Biden Campaign Subdomain Down After Hacktivist Defacement

threatpost.com/joe-biden-campaign-website-hacktivist-defacement/161471/ The subdomain, vote.joebiden.com, was part of the official campaign website JoeBiden.com used by the Biden campaign leading up to the 2020 U.S. presidential election. On Nov. 18, the subdomain reportedly began to display a message in Turkish. In the message, the hacker claims to be RootAyy1ld1z, a Turkish And Muslim Defacer who is not a group or organization, but who fights alone.

Hacker posts exploits for over 49,000 vulnerable Fortinet VPNs

www.bleepingcomputer.com/news/security/hacker-posts-exploits-for-over-49-000-vulnerable-fortinet-vpns/ Although the 2018 bug was publicly disclosed over a year ago, researchers have spotted around 50,000 targets that can still be targeted by attackers.

How Industrial IoT Security Can Catch Up With OT/IT Convergence

www.darkreading.com/edge/theedge/how-industrial-iot-security-can-catch-up-with-ot-it-convergence/b/d-id/1339502 In 2019 alone, research indicates attacks on OT targets had skyrocketed by 300%. However, [Darktrace director] Tsonchev points out that most of the attacks are not coming from the sort of nation-state actors that so many companies fear. Rather, they’re coming from garden-variety criminals who now have the tools to take effective aim at OT systems.

Analysis of TTPs employed by Egregor operators

www.group-ib.com/blog/egregor Egregor has been actively distributed since September 2020. In less than 3 months Egregor operators have managed to successfully hit 69 companies around the world with 32 targets in the US, 7 victims in France and Italy each, 6 in Germany, and 4 in the UK. Other victims happened to be from the APAC, Middle East, and Latin America. Egregor’s favorite sectors are Manufacturing (28.9% of victims) and Retail (14.5%).

October 12 blackout [in Mumbai] was a sabotage

mumbaimirror.indiatimes.com/mumbai/cover-story/oct-12-blackout-was-a-sabotage/articleshow/79312959.cms Last month's power outage in the Mumbai Metropolitan Region (MMR) was possibly the result of a sophisticated sabotage attempt involving foreign entities, a probe carried out by the state police's cyber cell has revealed.

Apple-Notarized Malware: What It Is and How It Affects Mac Users

www.tripwire.com/state-of-security/featured/apple-notarized-malware-how-it-affects-mac-users/ Malicious actors are targeting Apple. Although Apple introduced a notarization mechanism to scan and prevent malicious code from running on Apple devices, attackers have found ways to circumvent this process. Such Apple-notarized malware constitutes a threat to macOS users.
