Ruotsi ja Norja vaativat Tanskalta selvitystä vakoiluväitteistä
yle.fi/uutiset/3-11955732 Mediatietojen mukaan Tanskan puolustusministeri olisi tiennyt jo viime elokuussa, että Yhdysvaltain Kansallisen turvallisuuden virasto NSA on vakoillut Tanskan kautta useiden liittolaismaiden poliitikkoja ja virkamiehiä. Ruotsin ja Norjan puolustusministerit vaativat Tanskalta selvitystä mediatiedoista, joiden mukaan Yhdysvallat olisi vakoillut Tanskan kautta niiden poliitikkoja ja virkamiehiä, kertoo muun muassa Tanskan yleisradioyhtiö DR.
US seizes domains used by APT29 in recent USAID phishing attacks
www.bleepingcomputer.com/news/security/us-seizes-domains-used-by-apt29-in-recent-usaid-phishing-attacks/ The US Department of Justice has seized two Internet domains used in recent phishing attacks impersonating the U.S. Agency for International Development (USAID) to distribute malware and gain access to internal networks.
Kimsuky APT continues to target South Korean government using AppleSeed backdoor
blog.malwarebytes.com/threat-analysis/2021/06/kimsuky-apt-continues-to-target-south-korean-government-using-appleseed-backdoor/ The Kimsuky APTalso known as Thallium, Black Banshee, and Velvet Chollimais a North Korean threat actor that has been active since 2012. The group conducts cyber espionage operations to target government entities mainly in South Korea. The Malwarebytes Threat Intelligence team is actively monitoring this actor and has been able to spot phishing websites, malicious documents, and scripts that have been used to target high profile people within the government of South Korea.
World’s biggest meat supplier, JBS, suffers cyber attack
grahamcluley.com/worlds-biggest-meat-supplier-jbs-suffers-cyber-attack/ The world’s largest meat supplier, JBS, says that it has suffered a cyber attack against its IT systems in North America and Australia impacting its ability to “process” thousands of cattle, sheep, and pigs. The security incident, first spotted on Sunday, has not been officially confirmed to a be a ransomware attack but I think anyone hearing the news would not be surprised if a ransomware gang was to blame.
JBS ransomware attack likely came from a Russian group, White House says
therecord.media/jbs-ransomware-attack-likely-came-from-a-russian-group-white-house-says/ A cyberattack that shut down some operations at JBS, a major meat processor with plants across Australia and the Americas, is believed to be a ransomware incident originating from a criminal organization based in Russia, the White House said Tuesday. JBS first disclosed details about the attack on Monday, calling it “an organized cybersecurity attack” that affected some of the servers supporting its IT systems in North America and Australia. According to press reports, White House spokeswoman Karine Jean-Pierre told reporters on Air Force One that the Brazil-based meatpacker notified the Biden administration Sunday that it was a ransomware attack. “The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harber ransomware criminals, ” Jean-Pierre said, adding that the FBI is investigating the incident.
Critical WordPress plugin zero-day under active exploitation
www.bleepingcomputer.com/news/security/critical-wordpress-plugin-zero-day-under-active-exploitation/ Threat actors are scanning for sites running the Fancy Product Designer plugin to exploit a zero-day bug allowing them to upload malware. Fancy Product Designer is a visual product configurator plugin for WordPress, WooCommerce, and Shopify, and it allows customers to customize products using their own graphics and content. The security flaw is a critical severity remote code execution (RCE) vulnerability discovered by Wordfence security analyst Charles Sweethill on Monday.