Daily NCSC-FI news followup 2021-03-20

Office 365 Phishing Attack Targets Financial Execs

threatpost.com/office-365-phishing-attack-financial-execs/164925/ Attackers move on new CEOs, using transition confusion to harvest Microsoft credentials. Also:

www.area1security.com/blog/microsoft-365-spoof-targets-financial-departments/

Hackers are exploiting a server vulnerability with a severity of 9.8 out of 10

arstechnica.com/gadgets/2021/03/to-security-pros-dread-another-critical-server-vulnerability-is-under-exploit/ As if the mass-exploitation of Exchange servers wasn’t enough, now there’s BIG-IP. Last week, F5 disclosed and patched critical BIG-IP vulnerabilities that allow hackers to gain complete control of a server. Despite a severity rating of 9.8 out of 10, the security flaws got overshadowed by a different set of critical vulnerabilities Microsoft disclosed and patched in Exchange server a week earlier. Also:

thehackernews.com/2021/03/latest-f5-big-ip-bug-under-active.html

Stalkerware in 2020 is still a burning issue

www.kaspersky.com/blog/stalkerware-in-2020/39102/ Stalkerware activity dropped off during the pandemic, but it’s picking up again. How to deal with the threat.

Report reveals the staggering scale of Business Email Compromise losses

blog.malwarebytes.com/business-2/2021/03/report-reveals-the-staggering-scale-of-business-email-compromise-losses/ The Internet Crime Complaint Center (IC3), an arm of the FBI where internet users can report online fraud crimes, recently released the 2020 Internet Crime Report, an annual report that contains high-level information on suspected fraud cases reported to them and their losses. A state-by-state statistical breakdown of these cases were included in an accompanying report, 2020 State Reports, that you can browse through here. Also:

www.ic3.gov/Media/PDF/AnnualReport/2020State/StateReport.aspx

The Week in Ransomware – March 19th 2021 – Highest ransom ever!

www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-19th-2021-highest-ransom-ever/ While the beginning of this week was fairly quiet, it definitely ended with a bang as news came out of the largest ransom demand yet.

US grid at rising risk to cyberattack, says GAO

thehill.com/policy/energy-environment/543831-government-watchdog-energy-department-must-address-cyber-threats-to Distribution systems within the U.S. electrical grid are increasingly vulnerable to cyberattack, a government watchdog said in a report released Thursday. www.gao.gov/assets/gao-21-81.pdf

4 Ways Hackers Are Bypassing Network Segmentation

infosecwriteups.com/4-ways-hackers-are-bypassing-network-segmentation-9190d6f71a70?source=rss—-7b722bfd1b8d—4&gi=f72540426c4f If you own a business or work in the industry, you’ve most likely heard of PCI and know maintaining compliance is critical for a business to continue accepting credit card payments.

Ryuk ransomware explained: A targeted, devastatingly effective attack

www.csoonline.com/article/3541810/ryuk-ransomware-explained-a-targeted-devastatingly-effective-attack.html#tk.rss_news Ryuk ransomware attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.

You might be interested in …

Daily NCSC-FI news followup 2020-11-23

Critical Controls 2021 www.cert.govt.nz/it-specialists/critical-controls/10-critical-controls/ CERT NZs ten critical controls are designed to help you decide where best to spend your time and money. These have been developed based on the data and insights we received from reports and international threat feeds. . The 2021 top ten list includes two new controls:. Provide and use a […]

Read More

Daily NCSC-FI news followup 2020-05-12

Coronavirus cyber-attacks update: beware of the phish blog.checkpoint.com/2020/05/12/coronavirus-cyber-attacks-update-beware-of-the-phish/ While we all try to get used to the Covid-19 pandemics new normal in our work and home lives, this year has been a time of unprecedented opportunity for cyber-criminals. The global response to the pandemic, and our desire for the latest information about it, has supercharged […]

Read More

Daily NCSC-FI news followup 2020-06-07

Fake ransomware decryptor double-encrypts desperate victims’ files www.bleepingcomputer.com/news/security/fake-ransomware-decryptor-double-encrypts-desperate-victims-files/ A fake decryptor for the STOP Djvu Ransomware is being distributed that lures already desperate people with the promise of free decryption. Instead of getting their files back for free, they are infected with another ransomware that makes their situation even worse. New Tekya Ad Fraud Found […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.