Daily NCSC-FI news followup 2021-11-02

FBI says ransomware gangs are using future merger and acquisition info to pressure victims

therecord.media/fbi-says-ransomware-gangs-are-using-future-merger-and-acquisition-info-to-pressure-victims/ The US Federal Bureau of Investigation says that several ransomware gangs have used financial information, such as stock valuations and upcoming mergers and acquisitions, to put pressure on victims and force them into paying large ransom demands. “During the initial reconnaissance phase, cyber criminals identify non-publicly available information, which they threaten to release or use as leverage during the extortion to entice victims to comply with ransom demands, ” the FBI said in a Private Industry Notification (PIN) it sent out on Monday.

Destructive’ cyberattack hits National Bank of Pakistan

therecord.media/destructive-cyberattack-hits-national-bank-of-pakistan/ The incident, which took place on the night between Friday and Saturday, impacted the bank’s backend systems and affected servers used to interlink the bank’s branches, the backend infrastructure controlling the bank’s ATM network, and the bank’s mobile apps.

Bandwidth.com expects to lose up to $12M following DDoS extortion attempt

therecord.media/bandwidth-com-expects-to-lose-up-to-12m-following-ddos-extortion-attempt/ Bandwidth Inc. expects to lose between $9 million and $12 million because of service downtime caused by a series of DDoS attacks the company dealt with during late September and early October this year. The attackers tried to obtain money from Bandwith Inc. by attacking its Bandwidth.com portal, through which the company provided on-demand server infrastructure to smaller VoIP telephony providers.

Google patches zero-day vulnerability, and others, in Android

blog.malwarebytes.com/exploits-and-vulnerabilities/2021/11/google-patches-zero-day-vulnerability-and-others-in-android/ Google has issued security patches for the Android Operating System. In total, the patches address 39 vulnerabilities. There are indications that one of the patched vulnerabilities may be under limited, targeted exploitation.

Google to Pay Hackers $31, 337 for Exploiting Patched Linux Kernel Flaws

thehackernews.com/2021/11/google-to-pay-hackers-31337-for.html Google on Monday announced that it will pay security researchers to find exploits using vulnerabilities, previously remediated or otherwise, over the next three months as part of a new bug bounty program to improve the security of the Linux kernel.

Over 30, 000 GitLab servers still unpatched against critical bug

www.bleepingcomputer.com/news/security/over-30-000-gitlab-servers-still-unpatched-against-critical-bug/ A critical unauthenticated, remote code execution GitLab flaw fixed on April 14, 2021, remains exploitable, with over 50% of deployments remaining unpatched. The vulnerability is tracked as CVE-2021-22205 and has a CVSS v3 score of 10.0, allowing an unauthenticated, remote attacker to execute arbitrary commands as the ‘git’ user (repository admin).

Facebook deletes 1 billion faceprints in Face Recognition shutdown

www.bleepingcomputer.com/news/technology/facebook-deletes-1-billion-faceprints-in-face-recognition-shutdown/ Facebook announced today that they will no longer use the Face Recognition system on their platform and will be deleting over 1 billion people’s facial recognition profiles.

EU to adopt new cybersecurity rules for smartphones, wireless, IoT devices

therecord.media/eu-to-adopt-new-cybersecurity-rules-for-smartphones-wireless-iot-devices/ The European Commission has ordered an update to the Radio Equipment Directive in order to introduce new cybersecurity guidelines for radio and wireless equipment sold on the EU market, such as mobile phones, tablets, fitness trackers, and other smart IoT devices.

You might be interested in …

Daily NCSC-FI news followup 2020-06-12

Slovak police found wiretapping devices connected to the Govnet government network securityaffairs.co/wordpress/104567/intelligence/slovak-govnet-network-wiretapping-devices.html Slovak police seized wiretapping devices connected to Govnet government network and arrested four individuals, including the head of a government agency. Power company Enel Group suffers Snake Ransomware attack www.bleepingcomputer.com/news/security/power-company-enel-group-suffers-snake-ransomware-attack/ European energy company giant Enel Group suffered a ransomware attack a few days […]

Read More

Daily NCSC-FI news followup 2020-08-09

Scanning Activity Include Netcat Listener isc.sans.edu/forums/diary/Scanning+Activity+Include+Netcat+Listener/26442/ This activity started on the 5 July 2020 and has been active to this day only scanning against TCP port 81. The GET command is always the same except for the Netcat IP which has changed a few times since it started. If you have a webserver or a […]

Read More

Daily NCSC-FI news followup 2020-09-04

FBI: Thousands of orgs targeted by RDoS extortion campaign www.bleepingcomputer.com/news/security/fbi-thousands-of-orgs-targeted-by-rdos-extortion-campaign/ The FBI recommended US companies that received such ransom notes from the criminal gang behind this ongoing RDoS campaign not to pay the criminals’ ransom. Warner Music Group finds hackers compromised its online stores www.bleepingcomputer.com/news/security/warner-music-group-finds-hackers-compromised-its-online-stores/ Warner Music Group (WMG), the third-largest global music recording company, […]

Read More