Daily NCSC-FI news followup 2021-09-21

Marketron marketing services hit by Blackmatter ransomware

www.bleepingcomputer.com/news/security/marketron-marketing-services-hit-by-blackmatter-ransomware/ BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6, 000 customers in the media industry. Marketron provides cloud-based revenue and traffic management tools for broadcast and media organizations. It specializes in revenue management and audience engagement, handling advertising revenue of $5 billion every year. Marketron customers learned of the incident in an email on Sunday night from the company CEO, Jim Howard, who said that “the Russian criminal organization BlackMatter” was responsible for the attack.

New Mac malware masquerades as iTerm2, Remote Desktop and other apps

blog.malwarebytes.com/malwarebytes-news/2021/09/new-mac-malware-masquerades-as-iterm2-remote-desktop-and-other-apps/ This makes iTerm2 an ideal app to trojanize to infect people who may have access to development system, research intelligence, etc.. Last week, security researcher Patrick Wardle released details of a new piece of malware masquerading as the legitimate app iTerm2. iTerm2 is a legitimate replacement for the macOS Terminal app, offering some powerful features that Terminal does not. It is frequently used by power users. It is a favorite of security researchers because of the propensity for Mac malware to take control or detect usage of the Terminal app, which can interfere with attempts to reverse engineer malware

Data breach at Texas behavioral health center affects more than 24, 000

therecord.media/data-breach-at-texas-behavioral-health-center-affects-more-than-24000/ A data breach at Texas behavioral health provider Texoma Community Center affected more than 24, 000 people and highlights how timelines for breach notification may lag behind security eventseven when the most sensitive information is compromised. Texoma is a nonprofit that specializes in delivering mental health and substance abuse services. The public notice posted on its website last week says the organization “became aware of suspicious activity relating to several employee email accounts that were sending unauthorized messages, ” on October 20 of last year and “immediately launched an investigation.”. However, it took nearly 10 months for the center to notify stakeholders, including health authorities, of the breach.

Google Security Blog – An update on Memory Safety in Chrome

security.googleblog.com/2021/09/an-update-on-memory-safety-in-chrome.html attackers innovate, browsers always have to mount new defenses to stay ahead, and Chrome has invested in ever-stronger multi-process architecture built on sandboxing and site isolation. Combined with fuzzing, these are still our primary lines of defense, but they are reaching their limits, and we can no longer solely rely on this strategy to defeat in-the-wild attacks.

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

blog.malwarebytes.com/how-tos-2/2021/09/internet-safety-tips-for-kids-and-teens-a-comprehensive-guide-for-the-modern-parent/ When it comes to picking a new device for your child, it’s often difficult to know where to start. Whether you’re looking for a smartphone, a laptop, a gaming device or something else, or even just signing up for an account online, you want to make sure your kids are protected. It’s important to get the basics right, and you also want to be able to set parental controls, leaving little room for your child end up in online destinations you don’t want them going. Of course, setting controls shouldn’t be a be-all and end-all. Nothing can replace having good and open communication with your kids.

Ubuntu 18.04.6 LTS Released with Critical Security Fix

www.omgubuntu.co.uk/2021/09/ubuntu-18-04-6-lts-released-with-critical-security-fixes No, you’re not misreading the title, Ubuntu 18.04.6 LTS is available to download. This (unplanned) point release arrives with one key pun intended purpose: to make Ubuntu 18.04 LTS bootable again on Secure Boot-enabled systems.

Unpatched High-Severity Vulnerability Affects Apple macOS Computers

thehackernews.com/2021/09/unpatched-high-severity-vulnerability.html Cybersecurity researchers on Tuesday disclosed details of an unpatched vulnerability in macOS Finder that could be abused by remote adversaries to trick users into running arbitrary commands on the machines. “A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands, these files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user, ” SSD Secure Disclosure said in a write-up published today.

You might be interested in …

Daily NCSC-FI news followup 2020-02-03

TERVEYSTALON SÄHKÖISEEN VERKKOAJANVARAUKSEEN ON KOHDISTUNUT TIETOJENKALASTELUA www.terveystalo.com/fi/Sijoittajat/Tiedotteet/?crid=2AECEBB792F63309 Terveystalon sähköiseen verkkoajanvaraukseen on kohdistunut tietojenkalastelua. Tämän seurauksena yksittäisten henkilöiden henkilötunnus on todennäköisesti saatu selvitettyä. Verkkoajanvarauksessa ei käsitellä potilastietoja, ainoastaan nimi- ja henkilötunnustietoja. Potilastietoja verkkoajanvarauksen kautta ei saa selvitettyä.. Lue myös yle.fi/uutiset/3-11189706, www.hs.fi/kotimaa/art-2000006393563.html, www.is.fi/digitoday/tietoturva/art-2000006394014.html ja www.is.fi/digitoday/tietoturva/art-2000006394067.html Hakkerointi on yhtä murhaava ase kuin ohjusisku, sanoo Israelin armeijan tiedustelun veteraani […]

Read More

Daily NCSC-FI news followup 2019-08-28

Avast and French police take over malware botnet and disinfect 850,000 computers decoded.avast.io/janvojtesek/putting-an-end-to-retadup-a-malicious-worm-that-infected-hundreds-of-thousands/ Cybercrime: Ransomware attacks have more than doubled this year www.zdnet.com/article/cyber-crime-ransomware-attacks-have-more-than-doubled-this-year/ TrickBot Modifications Target U.S. Mobile Users www.secureworks.com/blog/trickbot-modifications-target-us-mobile-users TrickBot added functionality to solicit PIN codes from mobile customers, which could allow threat actors to access victims voice and text communications. WootCloud Discovers ARES […]

Read More

Daily NCSC-FI news followup 2019-12-05

Suojelupoliisi: Ulkomaiset vakoojat entistä kiinnostuneempia Suomen kriittisestä infrasta mybroadband.co.za/news/internet/330379-how-internet-resources-worth-r800-million-were-stolen-and-sold-on-the-black-market.html The theft and sale of large swaths of valuable African Internet resources was an inside job, Internet investigator Ron Guilmette has concluded after five months of detective work.. Documents obtained from industry sources and public records in Uganda show that at least one insider at AFRINIC […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.