Daily NCSC-FI news followup 2021-01-17

BugTraq Will Continue: Strong internal and community feedback cancels termination

www.securityfocus.com/archive/1/542248

CISA Publishes 2020 Chemical Security Presentations

www.cisa.gov/chemical-security-summit Topics include: cyber and physical security in manufacturing, cybersecurity evaluation tool and others.

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

thehackernews.com/2021/01/researchers-disclose-undocumented.html Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware including a previously undocumented backdoor. Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A second attack detected on May 30 used a malicious RAR archive file consisting of shortcuts to two bait PDF documents claimed to be a curriculum vitae and an IELTS certificate.

Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls

threatpost.com/apple-kills-macos-feature-allowing-apps-to-bypass-firewalls/163099/ The feature, first uncovered in November in a beta release of the macOS Big Sur feature, was called “ContentFilterExclusionList” and included a list of at least 50 Apple apps including Maps, Music, FaceTime, the App Store and its software update service. It has been recently removed in macOS Big Sur version 11.2, Apple experts pointed out this week.

Windows Finger command abused by phishing to download malware

www.bleepingcomputer.com/news/security/windows-finger-command-abused-by-phishing-to-download-malware/ In September, we reported that security researchers discovered a way to use Finger as a way to download malware from a remote computer or exfiltrate data. This week, security researcher Kirk Sayre found a phishing campaign utilizing the Finger command to download the MineBridge backdoor malware.

A security researcher commandeered Congo’s expired top-level domain nameserver’s domain to save it from hackers

techcrunch.com/2021/01/15/congo-comandeered/ In the end, the Congolese government didn’t bother asking for the domain back. It spun up an entirely new but similarly named domain scpt-network.net to replace the one now in Almroth’s possession. The domain – scpt-network.com – was one of two nameservers for the .cd country code top-level domain, assigned to the Democratic Republic of Congo. If it fell into the wrong hands, an attacker could redirect millions of unknowing internet users to rogue websites of their choosing.
