Daily NCSC-FI news followup 2021-04-18

Ryuk ransomware operation updates hacking techniques

www.bleepingcomputer.com/news/security/ryuk-ransomware-operation-updates-hacking-techniques/ Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network. The trend observed in attacks this year reveals a predilection towards targeting hosts with remote desktop connections exposed on the public internet.

Discord Nitro gift codes now demanded as ransomware payments

www.bleepingcomputer.com/news/security/discord-nitro-gift-codes-now-demanded-as-ransomware-payments/ In a novel approach to ransom demands, a new ransomware calling itself ‘NitroRansomware’ encrypts a victim’s files and then demands a Discord Nitro gift code to decrypt them. While Discord is free, they offer a Nitro subscription add-on for $9.99 per month that provides additional perks, such as larger uploads, HD video streaming, enhanced emojis, and the ability to boost your favorite server, so its users enjoy extra functionality as well.

The “Big Four”: Spotlight on Russia

www.fireeye.com/blog/executive-perspective/2021/04/the-big-four-spotlight-on-russia.html We are wrapping up our “Big Four” series with a country that has been one to watch for quite some time: Russia. And who better to join me for this episode than our Vice President for Mandiant Threat Intelligence, John Hultquist.

Security Gaps in IoT Access Control Threaten Devices and Users

beta.darkreading.com/perimeter/security-gaps-in-iot-access-control-threaten-devices-and-users A team of Internet of Things security researchers has discovered vulnerabilities in the way IoT device vendors manage access across multiple clouds and users, putting both individuals and vendors at risk.

FTP is 50 years old

www.filestash.app/2021/04/16/ftp-is-50-years-old/?ICID=ref_fark The 16th of April 1971 is not only the date when the Rolling Stones first released Brown Sugar, it is also marked by the publication of RFC 114, marking the birthday of FTP. Back in those days, the Vietnam war was at the forefront of the news, TCP/IP didn’t exist yet, Jimi Hendrix had died 6 months earlier, telnet was the new cool kid and some of the most influential rock n roll artists were about to release masterpieces while FTP was using a network protocol called NCP.
