Daily NCSC-FI news followup 2021-03-20

Office 365 Phishing Attack Targets Financial Execs

threatpost.com/office-365-phishing-attack-financial-execs/164925/ Attackers move on new CEOs, using transition confusion to harvest Microsoft credentials. Also:

www.area1security.com/blog/microsoft-365-spoof-targets-financial-departments/

Hackers are exploiting a server vulnerability with a severity of 9.8 out of 10

arstechnica.com/gadgets/2021/03/to-security-pros-dread-another-critical-server-vulnerability-is-under-exploit/ As if the mass-exploitation of Exchange servers wasn’t enough, now there’s BIG-IP. Last week, F5 disclosed and patched critical BIG-IP vulnerabilities that allow hackers to gain complete control of a server. Despite a severity rating of 9.8 out of 10, the security flaws got overshadowed by a different set of critical vulnerabilities Microsoft disclosed and patched in Exchange server a week earlier. Also:

thehackernews.com/2021/03/latest-f5-big-ip-bug-under-active.html

Stalkerware in 2020 is still a burning issue

www.kaspersky.com/blog/stalkerware-in-2020/39102/ Stalkerware activity dropped off during the pandemic, but it’s picking up again. How to deal with the threat.

Report reveals the staggering scale of Business Email Compromise losses

blog.malwarebytes.com/business-2/2021/03/report-reveals-the-staggering-scale-of-business-email-compromise-losses/ The Internet Crime Complaint Center (IC3), an arm of the FBI where internet users can report online fraud crimes, recently released the 2020 Internet Crime Report, an annual report that contains high-level information on suspected fraud cases reported to them and their losses. A state-by-state statistical breakdown of these cases were included in an accompanying report, 2020 State Reports, that you can browse through here. Also:

www.ic3.gov/Media/PDF/AnnualReport/2020State/StateReport.aspx

The Week in Ransomware – March 19th 2021 – Highest ransom ever!

www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-19th-2021-highest-ransom-ever/ While the beginning of this week was fairly quiet, it definitely ended with a bang as news came out of the largest ransom demand yet.

US grid at rising risk to cyberattack, says GAO

thehill.com/policy/energy-environment/543831-government-watchdog-energy-department-must-address-cyber-threats-to Distribution systems within the U.S. electrical grid are increasingly vulnerable to cyberattack, a government watchdog said in a report released Thursday. www.gao.gov/assets/gao-21-81.pdf

4 Ways Hackers Are Bypassing Network Segmentation

infosecwriteups.com/4-ways-hackers-are-bypassing-network-segmentation-9190d6f71a70?source=rss—-7b722bfd1b8d—4&gi=f72540426c4f If you own a business or work in the industry, you’ve most likely heard of PCI and know maintaining compliance is critical for a business to continue accepting credit card payments.

Ryuk ransomware explained: A targeted, devastatingly effective attack

www.csoonline.com/article/3541810/ryuk-ransomware-explained-a-targeted-devastatingly-effective-attack.html#tk.rss_news Ryuk ransomware attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.

You might be interested in …

Daily NCSC-FI news followup 2019-07-10

Lapin Kansa: Kemin kaupungin tietoliikenneverkossa poikkeuksellisen pitkä vikatilanne syytä selvitetään www.lapinkansa.fi/lappi/kemin-kaupungin-tietoliikenneverkossa-poikkeuksellisen-pitka-vikatilanne-syyta-selvitetaan-3596802/ Zoom reverses course to kill off Mac local web server www.zdnet.com/article/zoom-reverses-course-to-kill-off-mac-local-web-server/ Less than a day after backing its approach to get around Safari restrictions on Mac, Zoom’s local web server is no more. New FinSpy iOS and Android implants revealed ITW securelist.com/new-finspy-ios-and-android-implants-revealed-itw/91685/ FinSpy is […]

Read More

Daily NCSC-FI news followup 2020-02-22

Slickwraps Data Breach Exposes Financial and Customer Info www.bleepingcomputer.com/news/security/slickwraps-data-breach-exposes-financial-and-customer-info/ Slickwraps has suffered a data breach after a security researcher was able to access their systems and after receiving no response to emails, publicly disclosed how they gained access to the site and the data that was exposed.. Slickwraps is a mobile device case retailer who […]

Read More

Daily NCSC-FI news followup 2020-07-30

Hackers Broke Into Real News Sites to Plant Fake Stories www.wired.com/story/hackers-broke-into-real-news-sites-to-plant-fake-stories-anti-nato/ A disinfo operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO. FireEye’s finding that all of those operations to plant fake news were carried out by a single group comes on the heels […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.