Daily NCSC-FI news followup 2021-09-27

AWS EC2 North Virginia outage makes the net blippy

www.zdnet.com/article/aws-ec2-north-virginia-outage-makes-the-net-blippy/ Signal falls over while Xero and Nest got a bit iffy when the main AWS EC2 region had degraded performance.

FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor

www.microsoft.com/security/blog/2021/09/27/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor/ NOBELIUM uses FoggyWeb to remotely exfiltrate the configuration database of compromised AD FS servers, decrypted token-signing certificate, and token-decryption certificate, as well as to download and execute additional components. Use of FoggyWeb has been observed in the wild as early as April 2021.

QNAP fixes critical bugs in QVR video surveillance solution

www.bleepingcomputer.com/news/security/qnap-fixes-critical-bugs-in-qvr-video-surveillance-solution/ Network-attached storage (NAS) maker QNAP has patched its QVR video management system against two critical-severity issues that could be exploited to run arbitrary commands.

Brazen scam in the names of Finnish newspapers: notifications flooded the phone

www.iltalehti.fi/tietoturva/a/75b9d9fb-2c56-4cf1-aace-81c916b3ee8d Scam sites imitating news sites try to lure the victim into an investment trap. Victims can be directed to the site through advertisements, for example.

Australians are losing over AU$6.6 million each month to cryptoscams

www.zdnet.com/article/australians-are-losing-over-au6-6-million-each-month-to-cryptoscams/ Losses related to cryptocurrency investment scams made up over a quarter of the total scams reported to the Australian Competition and Consumer Commission (ACCC) from the start of the year to the end of August.

A New Jupyter Malware Version is Being Distributed via MSI Installers

thehackernews.com/2021/09/a-new-jupyter-malware-version-is-being.html Cybersecurity researchers have charted the evolution of Jupyter, a .NET infostealer known for singling out healthcare and education sectors, which make it exceptional at defeating most endpoint security scanning solutions.

New Android Malware Steals Financial Data from 378 Banking and Wallet Apps

thehackernews.com/2021/09/new-android-malware-steals-financial.html The operators behind the BlackRock mobile malware have surfaced back with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research.

Microsoft will disable Basic Auth in Exchange Online in October 2022

www.bleepingcomputer.com/news/microsoft/microsoft-will-disable-basic-auth-in-exchange-online-in-october-2022/ Microsoft announced that Basic Authentication will be turned off for all protocols in all tenants starting October 1st, 2022, to protect millions of Exchange Online users.

BloodyStealer and gaming assets for sale

securelist.com/bloodystealer-and-gaming-assets-for-sale/104319/ In this report, we take a closer look at threats linked to loss of accounts with popular video game digital distribution services, such as Steam and Origin. We also explore the kind of game-related data that ends up on the black market and the prices.

Fake Installers Drop Malware and Open Doors for Opportunistic Attackers

www.trendmicro.com/en_us/research/21/i/fake-installers-drop-malware-and-open-doors-for-opportunistic-attackers.html
