Daily NCSC-FI news followup 2021-03-26

German Parliament targeted again by Russian state hackers

www.bleepingcomputer.com/news/security/german-parliament-targeted-again-by-russian-state-hackers/ It is believed that the attackers were able to gain access to the email accounts of seven members of the German federal parliament (Bundestag) and 31 members of German regional parliaments. “The Ghostwriter campaign leverages traditional cyber threat activity and information operations tactics to promote narratives intended to chip away at NATO’s cohesion and undermine local support for the organization in Lithuania, Latvia, and Poland, ” FireEye said.

Kyberrikollisuus on poliisiasia uusi opas neuvoo yrityksiä kyberrikostilanteissa

www.epressi.com/tiedotteet/turvallisuus/kyberrikollisuus-on-poliisiasia-uusi-opas-neuvoo-yrityksia-kyberrikostilanteissa.html Kyberrikokset voivat aiheuttaa yrityksen toimintaan vakavia häiriöitä ja merkittävää taloudellista vahinkoa. Kyberrikoksen uhriksi joutuminen ei ole häpeä

SolarWinds patches critical code execution bug in Orion Platform

www.bleepingcomputer.com/news/security/solarwinds-patches-critical-code-execution-bug-in-orion-platform/

Apple fixes iOS zero-day vulnerability exploited in the wild

www.bleepingcomputer.com/news/security/apple-fixes-ios-zero-day-vulnerability-exploited-in-the-wild/ Apple has released security updates to address an iOS zero-day bug actively exploited in the wild and affecting iPhone, iPad, iPod, and Apple Watch devices. The zero-day was discovered in the Webkit browser engine and allows attackers to launch universal cross-site scripting attacks after tricking targets into opening maliciously crafted web content on their devices.

Insurance Giant CNA Hit with Novel Ransomware Attack

threatpost.com/cna-hit-novel-ransomware/165044/ The incident, which forced the company to disconnect its systems, caused significant business disruption. The attack occurred earlier this week and leveraged a new variant of the Phoenix CryptoLocker malware.

Hades ransomware operators are hunting big game in the US

www.zdnet.com/article/hades-ransomware-operators-are-hunting-big-game-in-the-us/ Accenture says that the threat actors are focused on hunting organizations that generate at least $1 billion in annual revenue. See also:

www.accenture.com/us-en/blogs/cyber-defense/unknown-threat-group-using-hades-ransomware

New Advanced Android Malware Posing as “System Update”

blog.zimperium.com/new-advanced-android-malware-posing-as-system-update/ The new malware disguises itself as a System Update application, and is stealing data, messages, images and taking control of Android phones. Once in control, hackers can record audio and phone calls, take photos, review browser history, access WhatsApp messages, and more

You might be interested in …

Daily NCSC-FI news followup 2019-07-26

Stock Trading Service Robinhood Admits To Storing Some Passwords in Cleartext www.zdnet.com/article/robinhood-admits-to-storing-some-passwords-in-cleartext/ “On Monday night, we discovered that some user credentials were stored in a readable format within our internal system,” the company said.. “We resolved the issue, and after thorough review, found no evidence that this information was accessed by anyone outside our response […]

Read More

Daily NCSC-FI news followup 2020-12-23

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity us-cert.cisa.gov/ncas/current-activity/2020/12/23/cisa-releases-cisa-insights-and-creates-webpage-ongoing-apt-cyber CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly […]

Read More

Daily NCSC-FI news followup 2019-11-16

Holiday Shoppers Beware: 100K Malicious Sites Found Posing as Well-Known Retailers threatpost.com/holiday-shoppers-malicious-sites-posing-retailers/150326/ As the holiday season looms, cybercrooks are going after shoppers with more than 100,000 lookalike domains mimicking legitimate retailers.. To that point, Venafi researchers uncovered the copycat phishing sites, which use trusted, valid TLS certificates (60 percent of them are free certificates from […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.