Daily NCSC-FI news followup 2021-05-26

North Korean (LAZARUS) hackers behind CryptoCore multi-million dollar heists

www.bleepingcomputer.com/news/security/north-korean-hackers-behind-cryptocore-multi-million-dollar-heists/ Security researchers piecing together evidence from multiple attacks on cryptocurrency exchanges, attributed to a threat actor they named CryptoCore have established a strong connection to the North Korean state-sponsored group Lazarus. Full report as PDF:

www.clearskysec.com/wp-content/uploads/2021/05/CryptoCore-Lazarus-Clearsky.pdf

Russian Hydra DarkNet Market Made Over $1.3 Billion in 2020

thehackernews.com/2021/05/russian-hydra-darknet-market-made-over.html Russian-language dark web marketplace Hydra has emerged as a hotspot for illicit activities, pulling in a whopping $1.37 billion worth of cryptocurrencies in 2020, up from $9.4 million in 2016.

Ryuk Ransomware Operators Shift Tactics to Target Victims

securityintelligence.com/articles/ryuk-ransomware-operators-shift-tactics/ The ransomware operators continue to target critical infrastructure and extract high ransom payments from vulnerable groups, including an attack on a large health care organization last year.

BazaFlix: BazaLoader Fakes Movie Streaming Service

www.proofpoint.com/us/blog/threat-insight/bazaflix-bazaloader-fakes-movie-streaming-service Proofpoint researchers identified a BazaLoader campaign requiring significant human interaction to execute and install the BazaLoader backdoor. The threat actor leveraged phone-based customer service representatives to direct victims to unknowingly download and install the malware. See also:

threatpost.com/bazaloader-fake-movie-streaming-service/166489/

Lessons Learned from Telemetry Analysis of DarkSide Affiliate Exfiltration Operations

www.dragos.com/blog/industry-news/lessons-learned-from-telemetry-analysis-of-darkside-affiliate-exfiltration-operations/ Using internet traffic telemetry from Team Cymru, Dragos identified the DarkSide adversary’s stolen data repository hosted with a popular Virtual Private Server (VPS) hosting provider.

Office 365 bug: Exchange Online, Outlook emails sent to junk folder

www.bleepingcomputer.com/news/microsoft/office-365-bug-exchange-online-outlook-emails-sent-to-junk-folder/ Microsoft is investigating an Office 365 issue causing Outlook and Exchange Online emails to skip recipients’ inboxes and being sent their junk folders instead.

Kaspersky Security Bulletin 2020-2021 – EU statistics

securelist.com/kaspersky-security-bulletin-2020-2021-eu-statistics/102335/

Guidance on Strengthening the Code of Practice on Disinformation

digital-strategy.ec.europa.eu/en/library/guidance-strengthening-code-practice-disinformation The EU Commission publishes its guidance on how the Code of Practice on Disinformation, the first of its kind worldwide, should be strengthened to become a more effective tool for countering disinformation. Full report as PDF:

ec.europa.eu/newsroom/dae/redirection/document/76495

Ovatko suomalaiset yritykset valmiita älylaitteiden tietoturvavaatimuksiin?

www.epressi.com/tiedotteet/teknologia/ovatko-suomalaiset-yritykset-valmiita-alylaitteiden-tietoturvavaatimuksiin.html Älylaitteiden tietoturva mietityttää laitevalmistajia, laitemyyjiä ja kuluttajia. Suomessa otettiin käyttöön vapaaehtoinen älylaitteiden tietoturvallisuudesta kertova Tietoturvamerkki vuoden 2019 lopussa.

You might be interested in …

Daily NCSC-FI news followup 2020-09-10

Viranomainen varoittaa huijausviestistä – varo tätä sähköpostia www.is.fi/digitoday/tietoturva/art-2000006630773.html Apple ID -tunnusten kalastelu on nyt aktiivista. Huijauksen mukaan vastaanottajan Apple ID:tä olisi käytetty luvattomasti muualla Applen iCloud-palveluun kirjautumiseksi. Tämän väitetään tapahtuneen Moskovasta käsin. Mukana on keinotekoinen ip-osoite sekä päivämäärä ja kellonaika. Ne saattavat vaihdella viestistä toiseen. Katso myös meidän twiitti: https://twitter.com/CERTFI/status/1303604786361774080 Ransomware accounted for 41% of […]

Read More

Daily NCSC-FI news followup 2021-04-11

Clubhouse data leak: 1.3 million user records leaked online for free cybernews.com/security/clubhouse-data-leak-1-3-million-user-records-leaked-for-free-online/ So far, it seems like its been the worst week of the year for social media platforms in terms of data leaks, with Clubhouse seemingly joining the fray. Sudden New Warning Will Surprise Millions Of WhatsApp Users www.forbes.com/sites/zakdoffman/2021/04/10/shock-new-warning-for-millions-of-whatsapp-users-on-apple-iphone-and-google-android-phones/ A nasty new surprise for […]

Read More

Daily NCSC-FI news followup 2021-09-07

Important clarifications regarding arrest of climate activist protonmail.com/blog/climate-activist-arrest/ We would like to provide important clarifications regarding the case of the climate activist who was recently arrested by French police on criminal charges. […] In this case, Proton received a legally binding order from Swiss authorities which we are obligated to comply with. There was no […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.