Daily NCSC-FI news followup 2020-11-23

Critical Controls 2021

www.cert.govt.nz/it-specialists/critical-controls/10-critical-controls/ CERT NZ's ten critical controls are designed to help you decide where best to spend your time and money. These have been developed based on the data and insights we received from reports and international threat feeds. The 2021 top ten list includes two new controls: Provide and use a password manager; Secure internet-exposed services.

Malware in Minecraft mods

www.kaspersky.com/blog/minecraft-mod-adware-google-play/37717/ Unfortunately, as with any successful project, cybercriminals are eager for a piece of the action. Since July of this year, we have detected more than 20 apps on Google Play claiming to be modpacks for Minecraft, when in fact their primary purpose is to display ads on smartphones and tablets in an extremely intrusive manner. We explain what these apps are and how to protect Android devices against such threats.

Researchers Hacked And Stole A Tesla Model X In Just Minutes

www.forbes.com/sites/leemathews/2020/11/23/researchers-hacked-and-stole-a-tesla-model-x-in-just-minutes/ The attack exploits a weakness in the way Bluetooth communication between the vehicle and fob is handled. Remarkably, the equipment required to pull off the attack costs a measly $200. The core components are a Raspberry Pi, a replacement Tesla ECU (engine control unit) and a key fob. The KU Leuven team disclosed its findings to Tesla and a fix was pushed to vulnerable vehicles via an over-the-air update this summer. Still, it's a startling reminder of the capabilities today's skilled hacking teams possess.

Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control devices

cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/ In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of affordable wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network.

Shop securely online this Black Friday

www.ncsc.gov.uk/blog-post/shop-securely-online-this-black-friday With Black Friday and Cyber Monday fast approaching, it’s likely that shoppers will move online more than ever with most high street stores still closed. We have updated our online shopping guidance this week to give you the most up to date advice on how to stay secure whilst getting the best deals online.

Spotify Users Hit with Rash of Account Takeovers

threatpost.com/spotify-account-takeovers/161495/ vpnMentor's research team spotted an open Elasticsearch database containing more than 380 million individual records, including login credentials and other user data, actively being validated against Spotify accounts. The database in question contained over 72 GB of data, including account usernames and passwords verified on Spotify; email addresses; and countries of residence.

Brazilian government recovers from “worst-ever” cyberattack

www.zdnet.com/article/brazilian-government-recovers-from-worst-ever-cyberattack/ After suffering the most severe cyberattack ever orchestrated against a Brazilian public sector institution, the Superior Electoral Court (STJ, in the Portuguese acronym) has managed to get its systems back up and running, after more than two weeks facing disruption.

Joe Biden Campaign Subdomain Down After Hacktivist Defacement

threatpost.com/joe-biden-campaign-website-hacktivist-defacement/161471/ The subdomain, vote.joebiden.com, was part of the official campaign website JoeBiden.com used by the Biden campaign leading up to the 2020 U.S. presidential election. On Nov. 18, the subdomain reportedly began to display a message in Turkish. In the message, the hacker claims to be RootAyy1ld1z, a Turkish And Muslim Defacer who is not a group or organization, but who fights alone.

Hacker posts exploits for over 49,000 vulnerable Fortinet VPNs

www.bleepingcomputer.com/news/security/hacker-posts-exploits-for-over-49-000-vulnerable-fortinet-vpns/ Although the 2018 bug was publicly disclosed over a year ago, researchers have spotted around 50,000 targets that can still be targeted by attackers.

How Industrial IoT Security Can Catch Up With OT/IT Convergence

www.darkreading.com/edge/theedge/how-industrial-iot-security-can-catch-up-with-ot-it-convergence/b/d-id/1339502 In 2019 alone, research indicates attacks on OT targets had skyrocketed by 300%. However, [Darktrace director] Tsonchev points out that most of the attacks are not coming from the sort of nation-state actors that so many companies fear. Rather, they’re coming from garden-variety criminals who now have the tools to take effective aim at OT systems.

Analysis of TTPs employed by Egregor operators

www.group-ib.com/blog/egregor Egregor has been actively distributed since September 2020. In less than 3 months Egregor operators have managed to successfully hit 69 companies around the world with 32 targets in the US, 7 victims in France and Italy each, 6 in Germany, and 4 in the UK. Other victims happened to be from the APAC, Middle East, and Latin America. Egregor’s favorite sectors are Manufacturing (28.9% of victims) and Retail (14.5%).

October 12 blackout [in Mumbai] was a sabotage

mumbaimirror.indiatimes.com/mumbai/cover-story/oct-12-blackout-was-a-sabotage/articleshow/79312959.cms Last month's power outage in the Mumbai Metropolitan Region (MMR) was possibly the result of a sophisticated sabotage attempt involving foreign entities, a probe carried out by the state police's cyber cell has revealed.

Apple-Notarized Malware: What It Is and How It Affects Mac Users

www.tripwire.com/state-of-security/featured/apple-notarized-malware-how-it-affects-mac-users/ Malicious actors are targeting Apple. Although Apple introduced a notarization mechanism to scan and prevent malicious code from running on Apple devices, attackers have found ways to circumvent this process. Such Apple-notarized malware constitutes a threat to macOS users.
