Daily NCSC-FI news followup 2021-04-19

Lazarus APT conceals malicious code within BMP image to drop its RAT

blog.malwarebytes.com/malwarebytes-news/2021/04/lazarus-apt-conceals-malicious-code-within-bmp-file-to-drop-its-rat/ Lazarus APT is one of the most sophisticated North Korean Threat Actors that has been active since at least 2009. This actor is known to target the U.S., South Korea, Japan and several other countries. In one of their most recent campaigns Lazarus used a complex targeted phishing attack against security researchers.

Malware That Spreads Via Xcode Projects Now Targeting Apple’s M1-based Macs

thehackernews.com/2021/04/malware-spreads-via-xcode-projects-now.html A Mac malware campaign targeting Xcode developers has been retooled to add support for Apple’s new M1 chips and expand its features to steal confidential information from cryptocurrency apps.

Malvertisers hacked 120 ad servers to load malicious ads

therecord.media/malvertisers-hacked-120-ad-servers-to-load-malicious-ads/ A malvertising operation known under the codename of Tag Barnakle has breached more than 120 ad servers over the past year and inserted malicious code into legitimate ads that redirected website visitors to sites promoting scams and malware.

Cryptoscam with fake mining equipment

www.kaspersky.com/blog/cryptoscam-fake-antminer/39398/ How fake sellers are stealing bitcoins from buyers of sought-after mining equipment. Rising cryptocurrency prices have led to an increase in demand for mining equipment, but COVID-19 restrictions have led to a drop in supply. As a result, the world is witnessing another shortage of powerful video cards and cryptomining equipment, with months-long wait times for new deliveries. Cybercriminals, as always, are looking to capitalize on the crisis.

Passwordless: More Mirage Than Reality

thehackernews.com/2021/04/passwordless-more-mirage-than-reality.html The concept of “passwordless” authentication has been gaining significant industry and media attention. And for a good reason. Our digital lives are demanding an ever-increasing number of online accounts and services, with security best practices dictating that each requires a strong, unique password in order to ensure data stays safe. Who wouldn’t want an easier way?

Zero trust, basic cyber hygiene best defence against third-party attacks

www.zdnet.com/article/zero-trust-basic-cyber-hygiene-best-defence-against-third-party-attacks/ Rather than entrust third-party suppliers to keep their supply chain secured, organisations should adopt a zero trust security strategy and establish basic cyber hygiene to safeguard their data. Adopting a zero trust security strategy can better safeguard organisations against third-party attacks, where suppliers should not simply be entrusted to do the right thing. In this second piece of a two-part feature, ZDNet looks at how businesses in Asia-Pacific can establish basic cyber hygiene as well as better data management to combat attacks from across their supply chain.
