Daily NCSC-FI news followup 2021-09-18

Researchers compile list of vulnerabilities abused by ransomware gangs

www.bleepingcomputer.com/news/security/researchers-compile-list-of-vulnerabilities-abused-by-ransomware-gangs/ Security researchers are compiling an easy-to-follow list of vulnerabilities ransomware gangs and their affiliates are using as initial access to breach victims’ networks. All this started with a call to action made by Allan Liska, a member of Recorded Future’s CSIRT, on Twitter over the weekend. Since then, with the help of several other contributors that joined his efforts, the list quickly grew to include security flaws found in products from over a dozen different software and hardware vendors.

Talos Threat Roundup for September 10 to September 17

blog.talosintelligence.com/2021/09/threat-roundup-0910-0917.html Talos is publishing a glimpse into the most prevalent threats we’ve observed between Sept. 10 and Sept. 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

Police step up prevention and investigation of network-assisted fraud

poliisi.fi/-/pankkien-nimissa-tehdyt-petokset-jatkuvat-poliisi-tehostaa-verkkoavusteisten-petosrikosten-torjuntaa-ja-tutkintaa During the spring and summer of 2021, the police have detected a series of network-assisted fraud offences in which cybercriminals phish for online banking credentials in order to misuse them. To tackle this fraud, a national investigation team has been set up within the police.

$133 million lost in online romance scams in 2021: FBI

www.zdnet.com/article/133-million-lost-in-online-romance-scams-in-2021-fbi/ The FBI said this week that thousands of people had filed complaints about online romance scams that resulted in losses totaling about $133 million. In a release, the FBI explained that from January 1 to July 31, the FBI Internet Crime Complaint Center received more than 1,800 complaints about romance scams where victims were coerced into sending money digitally or trading cryptocurrency for another person.

Apple and Google Go Further Than Ever to Appease Russia

www.wired.com/story/russia-apple-google-voting-app-navalny/ The Russian government had pressured Apple and Google to take down the voting app for weeks, threatening fines and even accusing the companies of illegal election interference. Created by associates of imprisoned opposition leader Aleksei Navalny, it offered recommendations across each of Russia’s 225 voting districts for candidates with the best shot of defeating the dominant United Russia party in each race. Voting is open through the weekend, but the app is no longer available for download, and misleading imposter apps have already started to pop up in its place.

U.S. to sanction crypto exchanges, wallets used by ransomware

www.bleepingcomputer.com/news/security/us-to-sanction-crypto-exchanges-wallets-used-by-ransomware/ The Biden administration is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware gangs to convert ransom payments into fiat money. With ransomware attacks against US interests and infrastructure escalating over the past two years, the White House has increased its efforts to disrupt ransomware operations.

A new app helps Iranians hide messages in plain sight

arstechnica.com/information-technology/2021/09/a-new-app-helps-iranians-hide-messages-in-plain-sight/ Amid ever-increasing government Internet control, surveillance, and censorship in Iran, a new Android app aims to give Iranians a way to speak freely. Nahoft, which means “hidden” in Farsi, is an encryption tool that turns up to 1,000 characters of Farsi text into a jumble of random words. You can send this mélange to a friend over any communication platform (Telegram, WhatsApp, Google Chat, etc.) and then they run it through Nahoft on their device to decipher what you’ve said.

Simple Analysis Of A CVE-2021-40444.docx Document

isc.sans.edu/diary/rss/27848 On the SANS InfoSec Handlers Diary, Didier Stevens shows how to quickly analyse malicious Word documents, like one that exploits MSHTML.
