Daily NCSC-FI news followup 2021-09-18

Researchers compile list of vulnerabilities abused by ransomware gangs

www.bleepingcomputer.com/news/security/researchers-compile-list-of-vulnerabilities-abused-by-ransomware-gangs/ Security researchers are compiling an easy-to-follow list of vulnerabilities ransomware gangs and their affiliates are using as initial access to breach victims’ networks. All this started with a call to action made by Allan Liska, a member of Recorded Future’s CSIRT, on Twitter over the weekend. Since then, with the help of several other contributors that joined his efforts, the list quickly grew to include security flaws found in products from over a dozen different software and hardware vendors.

Talos Threat Roundup for September 10 to September 17

blog.talosintelligence.com/2021/09/threat-roundup-0910-0917.html Talos is publishing a glimpse into the most prevalent threats we’ve observed between Sept. 10 and Sept. 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

Police step up the prevention and investigation of internet-enabled fraud

poliisi.fi/-/pankkien-nimissa-tehdyt-petokset-jatkuvat-poliisi-tehostaa-verkkoavusteisten-petosrikosten-torjuntaa-ja-tutkintaa During the spring and summer of 2021, the police have observed a series of network-assisted fraud offences in which cybercriminals phish for online banking credentials in order to misuse them. To tackle this fraud, a national investigation team has been set up within the police.

$133 million lost in online romance scams in 2021: FBI

www.zdnet.com/article/133-million-lost-in-online-romance-scams-in-2021-fbi/ The FBI said this week that thousands of people had filed complaints about online romance scams that resulted in losses totaling about $133 million. In a release, the FBI explained that from January 1 to July 31, the FBI Internet Crime Complaint Center received more than 1,800 complaints about romance scams where victims were coerced into sending money digitally or trading cryptocurrency for another person.

Apple and Google Go Further Than Ever to Appease Russia

www.wired.com/story/russia-apple-google-voting-app-navalny/ The Russian government had pressured Apple and Google to take down the voting app for weeks, threatening fines and even accusing the companies of illegal election interference. Created by associates of imprisoned opposition leader Aleksei Navalny, it offered recommendations across each of Russia’s 225 voting districts for candidates with the best shot of defeating the dominant United Russia party in each race. Voting is open through the weekend, but the app is no longer available for download, and misleading imposter apps have already started to pop up in its place.

U.S. to sanction crypto exchanges, wallets used by ransomware

www.bleepingcomputer.com/news/security/us-to-sanction-crypto-exchanges-wallets-used-by-ransomware/ The Biden administration is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware gangs to convert ransom payments into fiat money. With ransomware attacks against US interests and infrastructure escalating over the past two years, the White House has increased its efforts to disrupt ransomware operations.

A new app helps Iranians hide messages in plain sight

arstechnica.com/information-technology/2021/09/a-new-app-helps-iranians-hide-messages-in-plain-sight/ Amid ever-increasing government Internet control, surveillance, and censorship in Iran, a new Android app aims to give Iranians a way to speak freely. Nahoft, which means “hidden” in Farsi, is an encryption tool that turns up to 1,000 characters of Farsi text into a jumble of random words. You can send this mélange to a friend over any communication platform (Telegram, WhatsApp, Google Chat, etc.) and then they run it through Nahoft on their device to decipher what you’ve said.

Simple Analysis Of A CVE-2021-40444.docx Document

isc.sans.edu/diary/rss/27848 In the SANS InfoSec Handlers Diary, Didier Stevens shows how to quickly analyse malicious Word documents, such as one that exploits MSHTML.
