Daily NCSC-FI news followup 2022-01-09

Osuuspankin verkkosivut joutuivat kyberhyökkäyksen kohteeksi verkkopalvelun häiriö kesti useita tunteja

yle.fi/uutiset/3-12263337 Osuuspankin mukaan vika on nyt korjattu. Asiakastietoja tai rahoja ei vaarantunut kyberhyökkäyksessä.

Extracting Cobalt Strike Beacons from MSBuild Scripts

isc.sans.edu/forums/diary/Extracting+Cobalt+Strike+Beacons+from+MSBuild+Scripts/28200/

Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps

www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/ The developer behind popular open-source NPM libraries ‘colors’ (aka colors.js on GitHub) and ‘faker’ (aka ‘faker.js’ on GitHub) intentionally introduced mischievous commits in them that are impacting thousands of applications relying on these libraries. The reason behind this mischief on the developer’s part appears to be retaliationagainst mega-corporations and commercial consumers of open-source projects who extensively rely on cost-free and community-powered software but do not, according to the developer, give back to the community.

Trojanized dnSpy app drops malware cocktail on researchers, devs

www.bleepingcomputer.com/news/security/trojanized-dnspy-app-drops-malware-cocktail-on-researchers-devs/ Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy.NET application to install cryptocurrency stealers, remote access trojans, and miners. This week, a threat actor created a GitHub repository with a compiled version of dnSpy that installs a cocktail of malware, including clipboard hijackers to steal cryptocurrency, the Quasar remote access trojan, a miner, and a variety of unknown payloads.

“Tilisi poistetaan” Pelottavan uskottava Instagram-huijaus kaappaa salasanan

www.is.fi/digitoday/tietoturva/art-2000008520872.html Väärät väitteet tekijänoikeuksien loukkaamisesta ovat nyt entistä uskottavampia.

You might be interested in …

Daily NCSC-FI news followup 2021-04-04

Malware attack is preventing car inspections in eight US states www.bleepingcomputer.com/news/security/malware-attack-is-preventing-car-inspections-in-eight-us-states/ A malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. Applus Technologies cannot provide a time frame for when they will restore service as State governments require them to […]

Read More

Daily NCSC-FI news followup 2021-02-07

Hacked by SolarWinds backdoor masterminds, Mimecast now lays off staff after profit surge www.theregister.com/2021/02/07/in_brief_security/ Plus: British Mensa in data leak blunder, DARPA are Star Wars fans, Sonicwall patch out, and more. Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its […]

Read More

Daily NCSC-FI news followup 2020-11-08

Office 365 will let admins review Microsoft Forms phishing attempts www.bleepingcomputer.com/news/security/office-365-will-let-admins-review-microsoft-forms-phishing-attempts/ Microsoft is working on adding a new Microsoft Forms phishing attempt review feature that will allow Office 365 admins to confirm and block forms that try to maliciously harvest sensitive data. Winning hacker team pockets $744, 500 at the Tianfu Cup, China’s top hacking […]

Read More