Daily NCSC-FI news followup 2019-11-29

Europol Shuts Down ‘Imminent Monitor’ RAT Operations With 13 Arrests thehackernews.com/2019/11/europol-imminent-monitor-rat.html In a coordinated International law enforcement operation, Europol today announced to shut down the global organized cybercrime network behind Imminent Monitor RAT, yet another hacking tool that allows cybercriminals to gain complete control over a victim’s computer remotely.. see also www.europol.europa.eu/newsroom/news/international-crackdown-rat-spyware-which-takes-total-control-of-victims%E2%80%99-pcs The Olympics Goes […]

Read More

Daily NCSC-FI news followup 2019-11-28

Threat Spotlight: Machete Info-Stealer threatvector.cylance.com/en_us/home/threat-spotlight-machete-info-stealer.html Machete is an info-stealing malware that can harvest user credentials, chat logs, screenshots, webcam pictures, geolocation, and perform keylogging. It can also copy files to a USB device and take control of the clipboard to exfiltrate information. DHS Mandates Federal Agencies to Run Vulnerability Disclosure Policy www.schneier.com/blog/archives/2019/11/dhs_mandates_fe.html The DHS is […]

Read More

Daily NCSC-FI news followup 2019-11-27

Its Way Too Easy to Get a .gov Domain Name krebsonsecurity.com/2019/11/its-way-too-easy-to-get-a-gov-domain-name/ Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But […]

Read More

Daily NCSC-FI news followup 2019-11-26

The RIPE NCC has run out of IPv4 Addresses www.ripe.net/publications/news/about-ripe-ncc-and-ripe/the-ripe-ncc-has-run-out-of-ipv4-addresses Today, at 15:35 (UTC+1) on 25 November 2019, we made our final /22 IPv4 allocation from the last remaining addresses in our available pool. We have now run out of IPv4 addresses. Stantinko botnet adds cryptomining to its pool of criminal activities www.welivesecurity.com/2019/11/26/stantinko-botnet-adds-cryptomining-criminal-activities/ The operators […]

Read More

Daily NCSC-FI news followup 2019-11-25

Livingston School District in New Jersey Hit With Ransomware www.bleepingcomputer.com/news/security/livingston-school-district-in-new-jersey-hit-with-ransomware/ Students at the Livingston public school district in New Jersey are undoubtedly happy for a two hour delayed opening tomorrow. Unfortunately, this delay is not being caused by snow, but rather by a ransomware attack that the district is still recovering from. Hidden Cam Above […]

Read More

Daily NCSC-FI news followup 2019-11-24

CNAME Cloaking, the dangerous disguise of third-party trackers medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a What has started to happen in the last few months in the world of third-party tracking is having a major impact on peoples privacy, and it all stayed pretty much under the radar. How to Avoid Black Friday Scams Online www.wired.com/story/how-to-avoid-black-friday-scams-online/ Black Friday attracts crowds, and […]

Read More

Daily NCSC-FI news followup 2019-11-23

FBI says hackers are targeting US auto industry us.cnn.com/2019/11/20/politics/fbi-us-auto-industry-hackers/index.html The American automotive industry has been the target of malicious cyber actors since at least late 2018, according to an FBI report obtained by CNN. Leaky Gekko Group database exposes info on hotel brands, travelers www.scmagazine.com/home/security-news/data-breach/leaky-gekko-group-database-exposes-info-on-hotel-brands-travelers/ European hotel booking platform provider Gekko Group mistakenly stored over […]

Read More

Daily NCSC-FI news followup 2019-11-22

Yli 200 kuntaa ja julkista organisaatiota harjoittelee toimintaa kyberhyökkäystilanteessa yle.fi/uutiset/3-11081256 Väestörekisterikeskuksen Taisto19-harjoituksessa hakkeriryhmä vaatii organisaatiolta lunnaita ja toteuttaa kyberhyökkäyssarjan. Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison thehackernews.com/2019/11/lisov-neverquest-russian-hacker.html A Russian hacker who created and used Neverquest banking malware to steal money from victims’ bank accounts has finally been sentenced to 4 […]

Read More

Daily NCSC-FI news followup 2019-11-21

The Cyber-Physical Security of the Power Grid smartgrid.ieee.org/newsletters/november-2019/the-cyber-physical-security-of-the-power-grid Since critical infrastructures play a crucial role in our everyday life, its security has to be considered as one of the most important challenges in this modern era.. Physical and cyber security of smart power grids is very difficult due to their complexity and inhomogeneity. A huge […]

Read More

Daily NCSC-FI news followup 2019-11-20

A Notorious Iranian Hacking Crew Is Targeting Industrial Control Systems www.wired.com/story/iran-apt33-industrial-control-systems/ The recent shift away from IT networks raises the possibility that Irans APT33 is exploring physically disruptive cyberattacks on critical infrastructure. Ransomware Gangs Adopt APT Tactics in Targeted Attacks www.bleepingcomputer.com/news/security/ransomware-gangs-adopt-apt-tactics-in-targeted-attacks/ Ransomware operators are moving away from mass volume attacks and partnering with specialists who […]

Read More