Daily NCSC-FI news followup 2021-02-21

Experian challenged over massive data leak in Brazil

www.zdnet.com/article/experian-challenged-over-massive-data-leak-in-brazil Consumer rights body criticizes explanations from the credit bureau in relation to the data exposure of over 220 million citizens. After receiving feedback from Experian over a massive data leak in Brazil, São Paulo state consumer rights foundation Procon described the company’s explanations as “insufficient” and said it is likely that the incident was initiated in a corporate environment.

Kroger data breach exposes pharmacy and employee data

www.bleepingcomputer.com/news/security/kroger-data-breach-exposes-pharmacy-and-employee-data/ Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files. Kroger is one of the largest retailers in the world, with almost 2, 800 stores in 35 states. Kroger employs approximately 500, 000 people and had over $122 billion in sales for 2019.

IronNetInjector: Turla’s New Malware Loading Tool

unit42.paloaltonetworks.com/ironnetinjector/ In recent years, more and more ready-made malware is released on software development hosting sites available for everybody to use including threat actors. This not only saves the bad guys development time, but also makes it much easier for them to find new ideas to prevent detection of their malware. Unit 42 researchers have found several malicious IronPython scripts whose purpose is to load and run Turla’s malware tools on a victim’s system. The use of IronPython for malicious purposes isn’t new, but the way Turla uses it is new. The overall method is known as Bring Your Own Interpreter (BYOI).

Warning: Google Alerts abused to push fake Adobe Flash updater

www.bleepingcomputer.com/news/security/warning-google-alerts-abused-to-push-fake-adobe-flash-updater/ Threat actors are using Google Alerts to promote a fake Adobe Flash Player updater that installs other unwanted programs on unsuspecting users’ computers. The threat actors create fake stories with titles containing popular keywords that Google Search then indexes. Once indexed, Google Alerts will alert people who are following those keywords.

You might be interested in …

Daily NCSC-FI news followup 2020-01-21

Infiltrating Networks: Easier Than Ever Due to Evil Markets www.bleepingcomputer.com/news/security/infiltrating-networks-easier-than-ever-due-to-evil-markets/ Attackers don’t always need to breach the networks of their victims themselves to plant malware as there are plenty of professional intruders offering their services on underground markets.. Various levels of access are offered for prices starting $1,000 and increasing depending on how deep the […]

Read More

Daily NCSC-FI news followup 2021-04-10

FBI arrests man for plan to kill 70% of Internet in AWS bomb attack www.bleepingcomputer.com/news/security/fbi-arrests-man-for-plan-to-kill-70-percent-of-internet-in-aws-bomb-attack/ The FBI arrested a Texas man on Thursday for allegedly planning to “kill of about 70% of the internet” in a bomb attack targeting an Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. No password […]

Read More

Daily NCSC-FI news followup 2019-08-19

GAME OVER: Detecting and Stopping an APT41 Operation www.fireeye.com/blog/threat-research/2019/08/game-over-detecting-and-stopping-an-apt41-operation.html In August 2019, FireEye released the Double Dragon report on our newest graduated threat group, APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services.. In this blog post, were going to examine a […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.