Daily NCSC-FI news followup 2020-11-28

Europol and partners thwart massive credit card fraud scheme

www.welivesecurity.com/2020/11/27/europol-partners-thwart-credit-card-fraud-scheme/ Europol and several national law enforcement agencies have teamed up to disrupt trade in stolen credit card data on the dark web, ultimately preventing around €40 million (US$48 million) in losses for both consumers and financial organizations. The operation, dubbed Carding Action 2020, was carried out over a span of three months and involved an analysis of 90,000 pieces of credit card information. It was led by law enforcement authorities from Italy and Hungary and supported by their peers from both the United Kingdom and Europol. It's not immediately clear if any arrests were made.

Threat Hunting with JARM

isc.sans.edu/forums/diary/Threat+Hunting+with+JARM/26832/ Recently I have been testing a new tool created by the people at Salesforce. The tool is called JARM and what it does is query TLS instances (HTTPS servers and services) to create a fingerprint of their TLS configuration. Much like analyzing the nuances of network traffic can be used to fingerprint the operating system and version of a server, JARM fingerprints TLS instances to create a fingerprint which can be used to compare one TLS service to another.

github.com/salesforce/jarm

2021 Healthcare Cybersecurity Priorities: Experts Weigh In

threatpost.com/2021-healthcare-cybersecurity-priorities/161596/ Healthcare cybersecurity is in triage mode. As systems are stretched to the limits by COVID-19 and technology becomes an essential part of everyday patient interactions, hospital and healthcare IT departments have been left to figure out how to make it all work together, safely and securely. Most notably, the connectivity of everything from thermometers to defibrillators is exponentially increasing the attack surface, presenting vulnerabilities IT professionals might not even know are on their networks.

IIoT chip maker Advantech hit by ransomware, $12.5 million ransom

www.bleepingcomputer.com/news/security/iiot-chip-maker-advantech-hit-by-ransomware-125-million-ransom/ The Conti ransomware gang hit the systems of industrial automation and Industrial IoT (IIoT) chip maker Advantech and is now demanding a $14 million ransom to decrypt affected systems and to stop leaking stolen company data. Advantech is a global leading manufacturer of IT products and solutions, including embedded PCs, network devices, IoT, servers, and healthcare solutions, with a workforce of over 8,000 people in 92 major cities around the world.

Notorious Ransomware Gang Hits Producers Of Big Brother, Master Chef And The Voice

www.forbes.com/sites/leemathews/2020/11/28/notorious-ransomware-gang-hits-producers-of-big-brother-master-chef-and-the-voice/ A ransomware gang that Microsoft warned about last November has struck yet another high-profile victim. The latest target is Endemol Shine Group, the Amsterdam-based production and distribution giant behind hits like Big Brother, Master Chef and The Voice. The cybercriminals behind the DoppelPaymer ransomware have taken credit for the attack. Like many other ransomware crews, the group has taken to publicly identifying its victims on a leak site.
