Daily NCSC-FI news followup 2020-12-23

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity

us-cert.cisa.gov/ncas/current-activity/2020/12/23/cisa-releases-cisa-insights-and-creates-webpage-ongoing-apt-cyber CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly used authentication mechanisms. See also:

www.cisa.gov/supply-chain-compromise

DHS warns of data theft risk when using Chinese products

www.bleepingcomputer.com/news/security/dhs-warns-of-data-theft-risk-when-using-chinese-products/ The US Department of Homeland Security (DHS) warned American businesses of the data theft risks behind using equipment and data services provided by companies linked with the People's Republic of China (PRC).

Emotet Returns to Hit 100K Mailboxes Per Day

threatpost.com/emotet-returns-100k-mailboxes/162584/ Just in time for the Christmas holiday, Emotet is sending the gift of Trickbot. After a lull of nearly two months, the Emotet botnet has returned with updated payloads and a campaign that is hitting 100,000 targets per day. See also:

blog.malwarebytes.com/cybercrime/2020/12/emotet-returns-just-in-time-for-christmas/

Lazarus covets COVID-19-related intelligence

securelist.com/lazarus-covets-covid-19-related-intelligence/99906/ As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that actors, such as the Lazarus group, are going after intelligence that could help these efforts by attacking entities related to COVID-19 research. See also:

threatpost.com/lazarus-covid-19-vaccine-maker-espionage/162591/

QNAP fixes high severity QTS, QES, and QuTS hero vulnerabilities

www.bleepingcomputer.com/news/security/qnap-fixes-high-severity-qts-qes-and-quts-hero-vulnerabilities/ QNAP has released security updates to fix multiple high severity security vulnerabilities impacting network-attached storage (NAS) devices running the QES, QTS, and QuTS hero operating systems.

Malware wrapped in Cyberpunk 2077

www.kaspersky.com/blog/cyberpunk-2077-ransomware/38196/ No sooner was Cyberpunk 2077 released for Windows and consoles than we came across a beta version for Android online. It was completely free to download from a site bearing the name cyberpunk2077mobile[.]com. The game's actual developer has yet to announce any mobile version of the game, so we decided to investigate.

Microsoft 365 admins can now get security incident email alerts

www.bleepingcomputer.com/news/security/microsoft-365-admins-can-now-get-security-incident-email-alerts/ Microsoft has added support for security incident email notifications to the Microsoft 365 Defender enterprise threat protection solution.
