Daily NCSC-FI news followup 2021-09-19

An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan

www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/ A U.S. company’s tech was abused by the Indian government, amidst warnings Americans are contributing to a spyware industry already under fire for being out of control. Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan. They began in June 2020 and continued through to April 2021. What piqued the researchers’ interest was the hacking software used by the digital spies, whom Kaspersky had dubbed Bitter APT, a pseudonym for an unspecified government agency. Aspects of the code looked like some the Moscow antivirus provider had previously seen and attributed to a company it gave the cryptonym “Moses.”

“Yes, we are breaking the law:” An interview with the operator of a marketplace for stolen data

therecord.media/yes-we-are-breaking-the-law-an-interview-with-the-operator-of-a-marketplace-for-stolen-data/ A website called Marketo emerged earlier this year, billing itself as a marketplace where people can buy leaked data. Although Marketo isn’t a ransomware group, it appears to borrow key strategies from those types of threat actors. In late August, the group wrote that it was selling confidential data from Japanese tech firm Fujitsu. Earlier this month, reports emerged that data stolen from the Virginia Department of Military Affairs was available for purchase on the site. But the group’s extortion efforts have gone further than many ransomware operators: they reportedly reach out to their victim’s competitors and law enforcement to pressure organizations into paying for the data.

New “Elon Musk Club” crypto giveaway scam promoted via email

www.bleepingcomputer.com/news/security/new-elon-musk-club-crypto-giveaway-scam-promoted-via-email/ A new Elon Musk-themed cryptocurrency giveaway scam called the “Elon Musk Mutual Aid Fund” or “Elon Musk Club” is being promoted through spam email campaigns that started over the past few weeks. Before you dismiss these scams, saying that no one falls for them, similar crypto scams have been hugely successful and have generated hundreds of thousands of dollars in the past.

AT&T lost $200M in seven years to illegal phone unlocking scheme

www.bleepingcomputer.com/news/security/atandt-lost-200m-in-seven-years-to-illegal-phone-unlocking-scheme/ A Pakistani fraudster was sentenced to 12 years in prison earlier this week after AT&T, the world’s largest telecommunications company, lost over $200 million after he and his co-conspirators coordinated a seven-year scheme that led to the fraudulent unlocking of almost 2 million phones.

Freedom Hosting admin gets 27 years in prison for hosting child pornography

therecord.media/freedom-hosting-admin-gets-27-years-in-prison-for-hosting-child-pornography/ An Irish man who ran a cheap dark web hosting service has been sentenced today to 27 years in prison for turning a blind eye to customers hosting child sex abuse material.

Google will extend Permission Auto-Reset feature to older Android versions

therecord.media/google-will-extend-permission-auto-reset-feature-to-older-android-versions/ Google announced plans today to port its Permission Auto-Reset feature from Android 11 to older versions of its mobile operating system, as far back as Android 6. Launched last fall, the Permission Auto-Reset feature works by automatically withdrawing user permissions from an app that hasn’t been opened and used for a few months.

What’s Up with WhatsApp Encrypted Backups

www.eff.org/deeplinks/2021/09/whats-whatsapp-encrypted-backups WhatsApp is rolling out an option for users to encrypt their message backups, and that is a big win for user privacy and security. The new feature is expected to be available for both iOS and Android “in the coming weeks.” EFF has pointed out unencrypted backups as a huge weakness for WhatsApp and for any messenger that claims to offer end-to-end encryption, and we applaud this improvement. Next, encryption for backups should become the default for all users, not just an option.

Lessons From History: Afghanistan and the Dangerous Afterlives of Identifying Data

www.eff.org/deeplinks/2021/09/lessons-history-afghanistan-and-dangerous-afterlives-identifying-data As the United States pulled its troops out of Afghanistan after a 20-year occupation, byproducts of the prolonged deployment took on new meaning and represented a new chapter of danger for the Afghan people. For two decades, the United States spearheaded the collection of information on the people of Afghanistan, both for commonplace bureaucratic reasons like payroll and employment data – and in massive databases of biometric material accessible through devices called HIIDE.

Do you think you can’t fall for an online scam?

www.is.fi/digitoday/tietoturva/art-2000008260886.html Your computer has a virus. A parcel has arrived for you. There is a message in your voicemail. You have won a gift card in a prize draw. The bank has sent you a private message that you should read. Sound familiar? We have written a lot about scams that arrive by phone, text message and email. That is because there are a lot of scams.
