Daily NCSC-FI news followup 2020-12-13

Exclusive: U.S. Treasury breached by hackers backed by foreign government – sources

www.reuters.com/article/us-usa-cyber-amazon-com-exclsuive-idUSKBN28N0PG A sophisticated hacking group backed by a foreign government stole information from the U.S. Treasury Department and a U.S. agency responsible for deciding policy around the internet and telecommunications, according to people familiar with the matter. “The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation, ” said National Security Council spokesman John Ullyot.

How Worried Should I Be About My Password Being Compromised, Stolen In A Data Breach? Experts Say This

www.forbes.com/sites/brookecrothers/2020/12/12/how-worried-should-i-be-about-my-password-being-compromised-stolen-in-a-data-breach-experts-say-this/ After a major data breach, do criminals actually have your password even if it has been encrypted? tldr: It depends but always assume the worst say experts.

Intel’s Habana Labs hacked by Pay2Key ransomware, data stolen

www.bleepingcomputer.com/news/security/intels-habana-labs-hacked-by-pay2key-ransomware-data-stolen/ Intel-owned AI processor developer Habana Labs has suffered a cyberattack where data was stolen and leaked by threat actors. Today, the Pay2Key ransomware operation leaked data allegedly stolen from Habana Labs during a cyberattack. This data includes Windows domain account information, DNS zone information for the domain, and a file listing from its Gerrit development code review system.

An Overview of the Texas Ransomware Attack and What You Can Learn from It

heimdalsecurity.com/blog/texas-ransomware-attack/ A Coordinated Ransomware Attack Hit 22 Texas Municipalities in 2019. Here’s What You Can Learn from It. In this article, I will go over the events of the Texas ransomware attack, as well as provide a few essential cybersecurity considerations that can be deduced from this very teachable moment in recent cybersecurity history.

You might be interested in …

Daily NCSC-FI news followup 2019-10-26

U.N., UNICEF, Red Cross Under Ongoing Mobile Attack threatpost.com/un-unicef-red-cross-mobile-attack/149556/ A smart mobile-first phishing effort uses valid certificates to sign fake Office 365 pages, and logs keystrokes in real time. An ongoing, mobile-focused phishing campaign is targeting the United Nations and several humanitarian aid organizations, including UNICEF, the Red Cross and UN World Food. The campaign […]

Read More

Daily NCSC-FI news followup 2020-12-20

Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/ In many of their actions, the attackers took steps to maintain a low profile. For example, the inserted malicious code is lightweight and only has the task of running a malware-added method in a parallel thread […]

Read More

Daily NCSC-FI news followup 2020-04-29

Rogue affiliates are running fake antivirus expiration scams www.bleepingcomputer.com/news/security/rogue-affiliates-are-running-fake-antivirus-expiration-scams/ Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale. Microsoft warns of malware surprise pushed via pirated movies www.bleepingcomputer.com/news/security/microsoft-warns-of-malware-surprise-pushed-via-pirated-movies/ […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.