Daily NCSC-FI news followup 2021-03-31

CISA gives federal agencies 5 days to find hacked Exchange servers

www.bleepingcomputer.com/news/security/cisa-gives-federal-agencies-5-days-to-find-hacked-exchange-servers/ See also: cyber.dhs.gov/ed/21-02/

North Korean hackers target security researchers again

www.bleepingcomputer.com/news/security/google-north-korean-hackers-target-security-researchers-again/ Google’s Threat Analysis Group (TAG) says that North Korean government-sponsored hackers are once again targeting security researchers using fake Twitter and LinkedIn social media accounts.

Risk Management, C-Suite Shifts & Next-Gen Text Scams: Your March 2021 Security Intelligence Roundup

securityintelligence.com/articles/march-2021-security-intelligence-roundup/

Iranian credential thieves targeting medical researchers

www.scmagazine.com/home/security-news/iranian-credential-thieves-targeting-medical-researchers/

Android sends 20x more data to Google than iOS sends to Apple, study says

arstechnica.com/gadgets/2021/03/android-sends-20x-more-data-to-google-than-ios-sends-to-apple-study-says/

He believed Apple’s App Store was safe. Then a fake app stole his life savings in bitcoin.

www.washingtonpost.com/technology/2021/03/30/trezor-scam-bitcoin-1-million/

Back in a Bit: Attacker Use of the Windows Background Intelligent Transfer Service

www.fireeye.com/blog/threat-research/2021/03/attacker-use-of-windows-background-intelligent-transfer-service.html Applications interact with the Background Intelligent Transfer Service by creating jobs with one or more files to download or upload. The BITS service runs in a service host process and can schedule transfers to occur at any time. As is the case with many technologies, BITS can be used both by legitimate applications and by attackers.

Fransom is an open-source tool that will emulate common ransomware functions for the purpose of testing endpoint detection and response tools

github.com/fraktalcyber/Fransom

Quick Analysis of a Modular InfoStealer

isc.sans.edu/diary/rss/27264

Daily NCSC-FI news followup 2019-08-03

Joosua sai palkkion hakkeroinnista: Menneinä vuosina ei katsottu hyvällä www.is.fi/digitoday/tietoturva/art-2000006192538.html Joosua Santasalo sai tuntuvan palkkion löytämästään tietoturva-aukosta. Bug bounty -kampanjoiden yleistyminen kertoo ohjelmistoalan asennemuutoksesta. Internet connected cars can be hacked to gridlock major cities www.hackread.com/internet-connected-cars-hacked-gridlock-cities/ Hacking Internet Connected Cars a near possibility for cybercriminals to cause major havoc. Say hello to Lord Exploit Kit blog.malwarebytes.com/threat-analysis/2019/08/say-hello-to-lord-exploit-kit/ […]

Daily NCSC-FI news followup 2019-12-22

Florida man jailed for over five years after cyberstalking schoolmate, posting threats www.zdnet.com/article/man-jailed-for-over-five-years-after-cyberstalking-schoolmate-posting-threats/ One Day, Three Credit Card Data Breach Notifications www.bleepingcomputer.com/news/security/one-day-three-credit-card-data-breach-notifications/ On the same day this week, two restaurants and a convenience store, all with locations across the U.S., disclosed security breach incidents that may have enabled attackers to steal customer payment card data.. […]

Daily NCSC-FI news followup 2021-01-03

2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud threatpost.com/2021-cybersecurity-trends/162629/ Insider threats are redefined in 2021, the work-from-home trend will continue define the threat landscape and mobile endpoints become the attack vector of choice, according 2021 forecasts. After shrinking in 2020, cybersecurity budgets in 2021 climb higher than pre-pandemic limits. Authentication, cloud data protection and […]