Daily NCSC-FI news followup 2021-09-21

Marketron marketing services hit by Blackmatter ransomware

www.bleepingcomputer.com/news/security/marketron-marketing-services-hit-by-blackmatter-ransomware/ BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6,000 customers in the media industry. Marketron provides cloud-based revenue and traffic management tools for broadcast and media organizations. It specializes in revenue management and audience engagement, handling advertising revenue of $5 billion every year. Marketron customers learned of the incident in an email on Sunday night from the company CEO, Jim Howard, who said that “the Russian criminal organization BlackMatter” was responsible for the attack.

New Mac malware masquerades as iTerm2, Remote Desktop and other apps

blog.malwarebytes.com/malwarebytes-news/2021/09/new-mac-malware-masquerades-as-iterm2-remote-desktop-and-other-apps/ This makes iTerm2 an ideal app to trojanize to infect people who may have access to development systems, research intelligence, etc. Last week, security researcher Patrick Wardle released details of a new piece of malware masquerading as the legitimate app iTerm2. iTerm2 is a legitimate replacement for the macOS Terminal app, offering some powerful features that Terminal does not. It is frequently used by power users. It is a favorite of security researchers because of the propensity for Mac malware to take control or detect usage of the Terminal app, which can interfere with attempts to reverse engineer malware.

Data breach at Texas behavioral health center affects more than 24,000

therecord.media/data-breach-at-texas-behavioral-health-center-affects-more-than-24000/ A data breach at Texas behavioral health provider Texoma Community Center affected more than 24,000 people and highlights how timelines for breach notification may lag behind security events, even when the most sensitive information is compromised. Texoma is a nonprofit that specializes in delivering mental health and substance abuse services. The public notice posted on its website last week says the organization “became aware of suspicious activity relating to several employee email accounts that were sending unauthorized messages,” on October 20 of last year and “immediately launched an investigation.” However, it took nearly 10 months for the center to notify stakeholders, including health authorities, of the breach.

Google Security Blog – An update on Memory Safety in Chrome

security.googleblog.com/2021/09/an-update-on-memory-safety-in-chrome.html attackers innovate, browsers always have to mount new defenses to stay ahead, and Chrome has invested in ever-stronger multi-process architecture built on sandboxing and site isolation. Combined with fuzzing, these are still our primary lines of defense, but they are reaching their limits, and we can no longer solely rely on this strategy to defeat in-the-wild attacks.

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

blog.malwarebytes.com/how-tos-2/2021/09/internet-safety-tips-for-kids-and-teens-a-comprehensive-guide-for-the-modern-parent/ When it comes to picking a new device for your child, it’s often difficult to know where to start. Whether you’re looking for a smartphone, a laptop, a gaming device or something else, or even just signing up for an account online, you want to make sure your kids are protected. It’s important to get the basics right, and you also want to be able to set parental controls, leaving little room for your child to end up in online destinations you don’t want them going. Of course, setting controls shouldn’t be a be-all and end-all. Nothing can replace having good and open communication with your kids.

Ubuntu 18.04.6 LTS Released with Critical Security Fix

www.omgubuntu.co.uk/2021/09/ubuntu-18-04-6-lts-released-with-critical-security-fixes No, you’re not misreading the title, Ubuntu 18.04.6 LTS is available to download. This (unplanned) point release arrives with one key, pun intended, purpose: to make Ubuntu 18.04 LTS bootable again on Secure Boot-enabled systems.

Unpatched High-Severity Vulnerability Affects Apple macOS Computers

thehackernews.com/2021/09/unpatched-high-severity-vulnerability.html Cybersecurity researchers on Tuesday disclosed details of an unpatched vulnerability in macOS Finder that could be abused by remote adversaries to trick users into running arbitrary commands on the machines. “A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands, these files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user,” SSD Secure Disclosure said in a write-up published today.
