Daily NCSC-FI news followup 2021-01-07

Linux malware authors use Ezuri Golang crypter for zero detection

www.bleepingcomputer.com/news/security/linux-malware-authors-use-ezuri-golang-crypter-for-zero-detection/ Multiple malware authors are using the “Ezuri” crypter and memory loader to make their code undetectable to antivirus products. Source code for Ezuri, written in Golang, is available on GitHub for anyone to use.

December 2020’s Most Wanted Malware: Emotet Returns as Top Malware Threat

blog.malwarebytes.com/reports/2021/01/funke-media-group-suffers-nationwide-ransomware-attack-in-germany/ Our latest Global Threat Index for December 2020 has revealed that the Emotet trojan has returned to first place in the top malware list, impacting 7% of organizations globally, following a spam campaign which targeted over 100,000 users per day during the holiday season.

Funke Media Group suffers nationwide ransomware attack in Germany

www.zdnet.com/article/cybersecurity-hack-the-army-bug-bounty-challenge-asks-hackers-to-find-vulnerabilities-in-u-s-military-networks/ On December 22, Germany’s third largest publisher fell victim to a cyberattack that affected systems in offices all around the country. The Funke Media Group publishes dozens of newspapers, like Berliner Morgenpost, Hamburger Abendblatt, and Bergedorfer Zeitung, as well as magazines, several local radio stations, and online news portals. It reaches over 3 million readers on a daily basis.

Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR

us-cert.cisa.gov/ncas/current-activity/2021/01/07/mozilla-releases-security-updates-firefox-firefox-android-and Mozilla has released security updates to address a vulnerability in Firefox, Firefox for Android, and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system.

Google Releases Security Updates for Chrome

us-cert.cisa.gov/ncas/current-activity/2021/01/07/google-releases-security-updates-chrome Google has released Chrome version 87.0.4280.141 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

Hack the Army bug bounty challenge asks hackers to find vulnerabilities in military networks

www.zdnet.com/article/cybersecurity-hack-the-army-bug-bounty-challenge-asks-hackers-to-find-vulnerabilities-in-u-s-military-networks/ Hackers are being invited to uncover cybersecurity vulnerabilities in the computer systems used by the US military as part of the ‘Hack the Army’ bug bounty challenge.

CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise

us-cert.cisa.gov/ncas/current-activity/2021/01/06/cisa-updates-emergency-directive-21-01-supplemental-guidance-and CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED 21-01 and Supplemental Guidance versions 1 and 2.

Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020

www.zdnet.com/article/cobalt-strike-and-metasploit-accounted-for-a-quarter-of-all-malware-c-c-servers-in-2020 Cobalt Strike and Metasploit, two penetration testing toolkits usually employed by security researchers, have been used to host more than a quarter of all the malware command and control (C&C) servers that have been deployed in 2020, threat intelligence firm Recorded Future said in a report today. In addition:

www.recordedfuture.com/2020-adversary-infrastructure-report/

Feds Issue Recommendations for Maritime Cybersecurity

threatpost.com/feds-recommendations-maritime-cybersecurity/162804/ The White House has released cybersecurity guidance for securing the Maritime Transportation System (MTS), which operates along 25,000 miles of coastal and inland waterways in the United States.

Twitter locks Trump out of his account for at least 12 hours

techcrunch.com/2021/01/06/twitter-locks-trump-out-of-his-account-for-at-least-12-hours/ In a reversal of its long standing policy, Twitter has locked the President of the United States’ Twitter account and forced the removal of three offending tweets.
