Daily NCSC-FI news followup 2021-01-07

Linux malware authors use Ezuri Golang crypter for zero detection

www.bleepingcomputer.com/news/security/linux-malware-authors-use-ezuri-golang-crypter-for-zero-detection/ Multiple malware authors are using the “Ezuri” crypter and memory loader to make their code undetectable to antivirus products. Source code for Ezuri, written in Golang, is available on GitHub for anyone to use.

December 2020’s Most Wanted Malware: Emotet Returns as Top Malware Threat

blog.malwarebytes.com/reports/2021/01/funke-media-group-suffers-nationwide-ransomware-attack-in-germany/ Our latest Global Threat Index for December 2020 has revealed that the Emotet trojan has returned to first place in the top malware list, impacting 7% of organizations globally, following a spam campaign which targeted over 100,000 users per day during the holiday season.

Funke Media Group suffers nationwide ransomware attack in Germany

www.zdnet.com/article/cybersecurity-hack-the-army-bug-bounty-challenge-asks-hackers-to-find-vulnerabilities-in-u-s-military-networks/ On December 22, Germany’s third largest publisher fell victim to a cyberattack that affected systems in offices all around the country. The Funke Media Group publishes dozens of newspapers, like Berliner Morgenpost, Hamburger Abendblatt, and Bergedorfer Zeitung, as well as magazines, several local radio stations, and online news portals. It reaches over 3 million readers on a daily basis.

Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR

us-cert.cisa.gov/ncas/current-activity/2021/01/07/mozilla-releases-security-updates-firefox-firefox-android-and Mozilla has released security updates to address a vulnerability in Firefox, Firefox for Android, and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system.

Google Releases Security Updates for Chrome

us-cert.cisa.gov/ncas/current-activity/2021/01/07/google-releases-security-updates-chrome Google has released Chrome version 87.0.4280.141 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

Hack the Army bug bounty challenge asks hackers to find vulnerabilities in military networks

www.zdnet.com/article/cybersecurity-hack-the-army-bug-bounty-challenge-asks-hackers-to-find-vulnerabilities-in-u-s-military-networks/ Hackers are being invited to uncover cybersecurity vulnerabilities in the computer systems used by the US military as part of the ‘Hack the Army’ bug bounty challenge.

CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise

us-cert.cisa.gov/ncas/current-activity/2021/01/06/cisa-updates-emergency-directive-21-01-supplemental-guidance-and CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED 21-01 and Supplemental Guidance versions 1 and 2.

Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020

www.zdnet.com/article/cobalt-strike-and-metasploit-accounted-for-a-quarter-of-all-malware-c-c-servers-in-2020 Cobalt Strike and Metasploit, two penetration testing toolkits usually employed by security researchers, have been used to host more than a quarter of all the malware command and control (C&C) servers that have been deployed in 2020, threat intelligence firm Recorded Future said in a report today. See also:

www.recordedfuture.com/2020-adversary-infrastructure-report/

Feds Issue Recommendations for Maritime Cybersecurity

threatpost.com/feds-recommendations-maritime-cybersecurity/162804/ The White House has released cybersecurity guidance for securing the Maritime Transportation System (MTS), which operates along 25,000 miles of coastal and inland waterways in the United States.

Twitter locks Trump out of his account for at least 12 hours

techcrunch.com/2021/01/06/twitter-locks-trump-out-of-his-account-for-at-least-12-hours/ In a reversal of its long-standing policy, Twitter has locked the President of the United States’ Twitter account and forced the removal of three offending tweets.
