Daily NCSC-FI news followup 2021-04-20

Pulse Connect Secure Security Update

blog.pulsesecure.net/pulse-connect-secure-security-update/ The Pulse Secure team recently discovered that a limited number of customers have experienced evidence of exploit behavior on their Pulse Connect Secure (PCS) appliances. We are sharing information about the investigation and our actions through several communications channels in the best interests of our customers and the greater security community. Lisäksi:

www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html. Lisäksi:

www.reuters.com/technology/china-linked-hackers-used-pulse-secure-flaw-target-us-defense-industry-2021-04-20/. Lisäksi:

www.bleepingcomputer.com/news/security/pulse-secure-vpn-zero-day-used-to-hack-defense-firms-govt-orgs/. Lisäksi:

therecord.media/chinese-hackers-use-new-pulse-secure-vpn-zero-day-to-breach-us-defense-contractors/. Lisäksi

kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44755. Lisäksi:

www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_12/2021

Japanese police say Tick APT is linked to Chinese military

therecord.media/japanese-police-say-tick-apt-is-linked-to-chinese-military/ Japanese law enforcement believes a group of hackers linked to the Chinese military are behind a broad cyber-espionage campaign that has breached more than 200 Japanese companies and organizations since at least 2016.

Remote code execution vulnerabilities uncovered in smart air fryer

www.zdnet.com/article/remote-code-execution-vulnerabilities-uncovered-in-smart-air-fryer In another example of how connectivity can impact our home security, researchers have disclosed two remote code execution (RCE) vulnerabilities in a smart air fryer.

Fake Microsoft Store, Spotify sites spread info-stealing malware

www.bleepingcomputer.com/news/security/fake-microsoft-store-spotify-sites-spread-info-stealing-malware/ Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers. The attack was discovered by cybersecurity firm ESET who issued a warning yesterday on Twitter to be on the lookout for the malicious campaign.

Internal Facebook email reveals intent to frame data scraping as normalized, broad industry issue’

www.zdnet.com/article/facebook-internal-email-reveals-intent-to-frame-data-scraping-as-broad-industry-issue-and-normalized An internal email accidentally leaked by Facebook to a journalist has revealed the firm’s intentions to frame a recent data scraping incident as “normalized” and a “broad industry issue.”

Over 750, 000 Users Downloaded New Billing Fraud Apps From Google Play Store

thehackernews.com/2021/04/over-750000-users-download-new-billing.html Researchers have uncovered a new set of fraudulent Android apps in the Google Play store that were found to hijack SMS message notifications for carrying out billing fraud. The apps in question primarily targeted users in Southwest Asia and the Arabian Peninsula, attracting a total of 700, 000 downloads before they were discovered and removed from the platform. Lisäksi:

www.mcafee.com/blogs/other-blogs/mcafee-labs/clever-billing-fraud-applications-on-google-play-etinu/. Lisäksi:

www.trendmicro.com/en_us/research/21/c/no-laughing-matter-joker-latest-ploy.html

The Incredible Rise of North Korea’s Hacking Army

www.newyorker.com/magazine/2021/04/26/the-incredible-rise-of-north-koreas-hacking-army The country’s cyber forces have raked in billions of dollars for the regime by pulling off schemes ranging from A.T.M. heists to cryptocurrency thefts. Can they be stopped?

IntelBrief: QAnon A U.S. National Security Threat Amplified by Foreign-Based Actors

thesoufancenter.org/intelbrief-2021-april-20/ In testimony last week to the United States Senate Intelligence Committee, FBI Director Christopher Wray highlighted the continuing national security threat posed by adherents of the QAnon conspiracy theory.

You might be interested in …

Daily NCSC-FI news followup 2020-05-28

Counter Threat Unit Researchers Publish Threat Group Definitions www.secureworks.com/blog/counter-threat-unit-researchers-publish-threat-group-definitions Today, the Secureworks® Counter Threat Unit (CTU) research team began publishing Threat Group profiles on the Secureworks website. The profiles include a summary of the groups, their objectives, other aliases by which the groups are known, and the malware they use. Both criminal and government-sponsored Threat […]

Read More

Daily NCSC-FI news followup 2020-01-02

New evasion techniques found in web skimmers blog.malwarebytes.com/threat-analysis/2019/12/new-evasion-techniques-found-in-web-skimmers/ For a number of years, criminals have been able to steal credit card details from unaware online shoppers without attracting too much attention. Few people in the security industry were talking about these credit card web skimmers, both server-side and client-side, before the latter became largely known […]

Read More

Daily NCSC-FI news followup 2020-02-07

Backing up is no panacea when blackmailers publish stolen data www.kaspersky.com/blog/ransomware-data-disclosure/32410/ Backing up data has been one of the most effective, though labor-intensive, safeguards against encrypting ransomware so far. Now, malefactors seem to have caught up with those who rely on backups. The creators of several ransomware programs, confronted with victims refusing to pay the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.