Daily NCSC-FI news followup 2021-02-19

Apple Offers Its Closest Look Yet at iOS and MacOS Security

www.wired.com/story/apple-platform-security-guide-researchers/ In its latest Platform Security Guide, Cupertino raised the curtain on the critical features that protect against hackers. Also:

support.apple.com/guide/security/welcome/web. Also:

www.darkreading.com/endpoint/apple-offers-closer-look-at-its-platform-security-technologies-features/d/d-id/1340198

Mysterious Silver Sparrow Malware Found Nesting on 30K Macs

threatpost.com/silver-sparrow-malware-30k-macs/164121/ A second malware that targets Macs with Apple’s in-house M1 chip is infecting machines worldwide but it’s unclear why. Hard on the heels of a macOS adware being recompiled to target Apple’s new in-house processor, researchers have discovered a brand-new family of malware targeting the platform.

AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

us-cert.cisa.gov/ncas/alerts/aa21-048a The U.S. Government has identified malware and indicators of compromise (IOCs) used by the North Korean government to facilitate cryptocurrency thefts; the cybersecurity community refers to this activity as “AppleJeus.”

Cybercriminal Enterprise ‘Ringleaders’ Stole $55M Via COVID-19 Fraud, Romance Scams

threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086 The Department of Justice (DoJ) cracked down on a Ghana-based cybercriminal enterprise behind a slew of romance scams, COVID-19 fraud attacks and business email compromise schemes since 2013. Authorities estimate the alleged group of criminals made over $55 million during its crime spree robbing mostly elderly online daters, small businesses and more.

Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials

thehackernews.com/2021/02/masslogger-trojan-upgraded-to-steal-all.html A credential stealer infamous for targeting Windows systems has resurfaced in a new phishing campaign that aims to steal credentials from Microsoft Outlook, Google Chrome, and instant messenger apps.

Malaysia arrests 11 suspects for hacking government sites

www.zdnet.com/article/malaysia-arrests-11-suspects-for-hacking-government-sites A similar government website defacement campaign is also taking place this week in Myanmar, in support of the country’s jailed elected leader.

Take security to the Zero Trust Edge

www.zdnet.com/article/take-security-to-the-zero-trust-edge/ The Zero Trust Edge (ZTE) model is a safer on-ramp to the internet for organizations’ physical locations and remote workers.
