Daily NCSC-FI news followup 2021-07-30

New bank-fraud malware called Vultur infects thousands of devices

arstechnica.com/gadgets/2021/07/new-bank-fraud-malware-called-vultur-infects-thousands-of-devices/ Recently detected Android malware, some spread through the Google Play Store, uses a novel way to supercharge the harvesting of login credentials from more than 100 banking and cryptocurrency applications.. Screen sharing courtesy of VNC mirrors device screens to attacker-controlled servers.

Valtorin pelko osui oikeaan: katkenneet kahdennetut kaapelit samassa kourussa TietoEvryltä saatetaan vaatia korvauksia

www.tivi.fi/uutiset/tv/fdc81ca9-3dbe-42cc-8e0a-ed0075e4ae15 Valtorin asiakkuusjohtaja Jouni Mustonen kertoo Tiville, että asia oli niin kuin aiemmin epäiltiin: tietoliikenneyhteydet oli kahdennettu, mutta siten, että molemmat yhteydet kulkivat samassa kourussa.

Disinformation for hire: PR firms are the new battleground for Facebook

www.zdnet.com/article/disinformation-for-hire-pr-firms-are-the-new-battleground-for-facebook/ Facebook’s head of security policy has testified before an Australian Parliamentary inquiry that his company has witnessed an increasing use of marketing firms or PR agencies that are essentially hired to run disinformation campaigns.

Mexico says officials spent $61 million on Pegasus spyware

www.pbs.org/newshour/world/mexico-says-officials-spent-61-million-on-pegasus-spyware Mexicos top security official said Wednesday that two previous administrations spent $61 million to buy Pegasus spyware that has been implicated in government surveillance of opponents and journalists around the world.

Python team fixes bug that allowed takeover of PyPI repository

therecord.media/python-team-fixes-bug-that-allowed-takeover-of-pypi-repository/ The Python security team has fixed today three vulnerabilities impacting the Python Package Index (PyPI), the official repository for Python libraries, including one that could have allowed a threat actor to take full control over the portal.

Amazon fined $887 million over EU privacy violations

therecord.media/amazon-fined-887-million-over-eu-privacy-violations/ Luxembourgs data privacy regulator hit tech giant Amazon with a 746 million fine ($887 million) over claims that the companys processing of personal data did not comply with the European Unions General Data Protection Regulation. It is by far the largest-ever fine issued under the GDPR.. An Amazon spokesperson said the decision is without merit and plans to appeal

Several Malicious Typosquatted Python Libraries Found On PyPI Repository

thehackernews.com/2021/07/several-malicious-typosquatted-python.html As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code, once again highlighting how software package repositories are evolving into a popular target for supply chain attacks.

Bear Tracks: Infrastructure Patterns Lead to More Than 30 Active APT29 C2 Servers

www.riskiq.com/blog/external-threat-management/apt29-bear-tracks/

You might be interested in …

Daily NCSC-FI news followup 2019-11-06

BlueKeep RDP Attacks are Starting Patch CVE-2019-0708 Now www.fortinet.com/blog/threat-research/bluekeep-rdp-attacks-starting-patch-now.html Microsoft patched a critical Remote Desktop Services Remote Code Execution Vulnerability this past May, 2019. Identified as CVE-2019-0708, and also known as BlueKeep, this remote code execution vulnerability can be exploited when an unauthenticated attacker connects to a target system using RDP and then sends specially […]

Read More

Daily NCSC-FI news followup 2020-08-08

Small and mediumsized businesses: Big targets for ransomware attacks www.welivesecurity.com/2020/08/07/small-medium-sized-businesses-big-targets-ransomware-attacks/ Why are SMBs a target for ransomware-wielding gangs and what can they do to protect themselves against cyber-extortion?. While large enterprises may present themselves as more lucrative prey, SMBs are an attractive target due to their lack of resources to defend against such attacks. Iranians, […]

Read More

Daily NCSC-FI news followup 2020-04-22

Google Sees State-Sponsored Hackers Ramping Up Coronavirus Attacks www.wired.com/story/google-state-sponsored-hackers-coronavirus-phishing-malware/ More than 12 government-backed groups are using the pandemic as cover for digital reconnaissance and espionage, according to a new report. Report: blog.google/technology/safety-security/threat-analysis-group/findings-covid-19-and-online-security-threats/ Chinese Agents Helped Spread Messages That Sowed Virus Panic in U.S., Officials Say www.nytimes.com/2020/04/22/us/politics/coronavirus-china-disinformation.html American officials were alarmed by fake text messages and […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.