Daily NCSC-FI news followup 2021-10-15

European Cybersecurity Month: Test your Skills with a Quiz

www.enisa.europa.eu/news/enisa-news/cybersecurity-month-test-your-skills-with-a-quiz The second theme of the European Cybersecurity Month (ECSM), “Cyber First Aid”, is launched today and introduces guidelines in case one falls victim to a cyberattack.

Critical infrastructure security dubbed ‘abysmal’ by researchers

www.zdnet.com/article/critical-infrastructure-security-dubbed-abysmal-by-researchers/ The “abysmal” state of security for industrial control systems (ICSs) is putting critical services at serious risk, new research finds.

This malware botnet gang has stolen millions with a surprisingly simple trick

www.zdnet.com/article/this-relentless-malware-botnet-has-made-millions-with-a-surprisingly-simple-trick/ The long-running botnet known as MyKings is still in business and has raked in at least $24.7 million by using its network of compromised computers to mine for cryptocurrencies.

Russian cybercrime gang targets finance firms with stealthy macros

www.bleepingcomputer.com/news/security/russian-cybercrime-gang-targets-finance-firms-with-stealthy-macros/ A new phishing campaign dubbed MirrorBlast is deploying weaponized Excel documents that are extremely difficult to detect to compromise financial service organizations. The most notable feature of MirrorBlast is the low detection rates of the campaign’s malicious Excel documents by security software, putting firms that rely solely upon detection tools at high risk.

Spamhaus Botnet Threat Update: Q3-2021

www.spamhaus.org/news/article/815/spamhaus-botnet-threat-update-q3-2021 Q3 has seen a massive 82% rise in the number of new botnet command and controllers (C&Cs) identified by our research team. They have observed an explosion in the use of backdoor malware with nefarious operators hiding behind FastFlux. In turn, this has caused several new countries and service providers to be listed in our Top 20 charts. Welcome to the Spamhaus Botnet Threat Update Q3 2021.

US links $5.2 billion worth of Bitcoin transactions to ransomware

www.bleepingcomputer.com/news/security/us-links-52-billion-worth-of-bitcoin-transactions-to-ransomware/ The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has identified roughly $5.2 billion worth of outgoing Bitcoin transactions likely tied to the top 10 most commonly reported ransomware variants.


Twitch downplays this month’s hack, says it had minimal impact

www.bleepingcomputer.com/news/security/twitch-downplays-this-months-hack-says-it-had-minimal-impact/ In an update regarding this month’s security incident, Twitch downplayed the breach saying that it had minimal impact and only affected a small number of users.

Accenture confirms data breach after August ransomware attack

www.bleepingcomputer.com/news/security/accenture-confirms-data-breach-after-august-ransomware-attack/ Global IT consultancy giant Accenture confirmed that LockBit ransomware operators stole data from its systems during an attack that hit the company’s systems in August 2021.

Security Risks of Client-Side Scanning

www.schneier.com/blog/archives/2021/10/security-risks-of-client-side-scanning.html Even before Apple made its announcement, law enforcement shifted their battle for backdoors to client-side scanning. The idea is that they wouldn’t touch the cryptography, but instead eavesdrop on communications and systems before encryption or after decryption. See also: arxiv.org/abs/2110.07450 - Bugs in our Pockets: The Risks of Client-Side Scanning

LANtenna hack spies on your data from across the room! (Sort of)

nakedsecurity.sophos.com/2021/10/15/lantenna-hack-spies-on-your-data-from-across-the-room-sort-of/ Mordechai Guri from the abovementioned Ben Gurion University of the Negev (BGU) in Israel has recently published a new ‘data exfiltration’ paper detailing an unexpectedly effective way of sneaking very small amounts of data out of a cabled network without using any obvious sort of interconnection. This one is entitled LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables, and it’s the latest of many BGU publications in recent years dealing with a tricky problem in cybersecurity, namely. See also: arxiv.org/pdf/2110.00104.pdf
