Difference between revisions of "Template:PSW652NewsLeeNeely"

From Security Weekly Wiki
Jump to navigationJump to search
 
Line 11: Line 11:
 
#[https://www.securityweek.com/mandrake-android-spyware-remained-undetected-4-years 'Mandrake' Android Spyware Remained Undetected for 4 Years]  "Mandrake" has been identified being used in targeted attacks to take complete control of infected devices, turn down the volume, block calls and messages, steal user credentials, exfiltrate data, transfer funds, record the screen, and blackmail victims.
 
#[https://www.securityweek.com/mandrake-android-spyware-remained-undetected-4-years 'Mandrake' Android Spyware Remained Undetected for 4 Years]  "Mandrake" has been identified being used in targeted attacks to take complete control of infected devices, turn down the volume, block calls and messages, steal user credentials, exfiltrate data, transfer funds, record the screen, and blackmail victims.
 
#[https://www.ehackingnews.com/2020/05/the-database-of-russian-car-owners-is.html Database of Russian Car Owners Is Sold for Bitcoins] database containing some 129 million leads that was likely taken from the Russian traffic police register or insurance companies that includes vehicle registration information collected since the 1990s. Those behind the sales are reportedly selling the entire database for .3 BTC (~$2,900 USD) or 1.5 BTC (~$14,500 USD) to obtain "exclusive use" of the data.
 
#[https://www.ehackingnews.com/2020/05/the-database-of-russian-car-owners-is.html Database of Russian Car Owners Is Sold for Bitcoins] database containing some 129 million leads that was likely taken from the Russian traffic police register or insurance companies that includes vehicle registration information collected since the 1990s. Those behind the sales are reportedly selling the entire database for .3 BTC (~$2,900 USD) or 1.5 BTC (~$14,500 USD) to obtain "exclusive use" of the data.
#[https://www.itnews.com.au/news/my-health-record-system-hit-by-hack-attempt-548282 My Health Record System Hit by Hack Attempt] he Australian Digital Health Agency (ADHA) has revealed that its My Health Record system was targeted by attackers over an 11-month period, resulting in two "potential data breaches" since July 2019.
+
#[https://www.itnews.com.au/news/my-health-record-system-hit-by-hack-attempt-548282 My Health Record System Hit by Hack Attempt] The Australian Digital Health Agency (ADHA) has revealed that its My Health Record system was targeted by attackers over an 11-month period, resulting in two "potential data breaches" since July 2019.
 
#[https://thehackernews.com/2020/05/dns-server-ddos-attack.html New DNS Vulnerability Lets Attackers Launch Large-Scale DDoS Attacks] Israeli cyber security researchers have disclosed details about a new vulnerability dubbed "NXNSAttack" affecting the DNS protocol that can be exploited by attackers to conduct large-scale, amplified distributed denial-of-service (DDoS) attacks in order to take down websites.
 
#[https://thehackernews.com/2020/05/dns-server-ddos-attack.html New DNS Vulnerability Lets Attackers Launch Large-Scale DDoS Attacks] Israeli cyber security researchers have disclosed details about a new vulnerability dubbed "NXNSAttack" affecting the DNS protocol that can be exploited by attackers to conduct large-scale, amplified distributed denial-of-service (DDoS) attacks in order to take down websites.
 
#[https://9to5mac.com/2020/05/20/ios-13-5-released-features-exposure/ Apple Releases iOS/iPadOS 13.5] Security content not published, but many new features, including COVID-19 related features, from contact tracing support to more rapid mask detection which then fails over to passcode entry.
 
#[https://9to5mac.com/2020/05/20/ios-13-5-released-features-exposure/ Apple Releases iOS/iPadOS 13.5] Security content not published, but many new features, including COVID-19 related features, from contact tracing support to more rapid mask detection which then fails over to passcode entry.

Latest revision as of 01:33, 22 May 2020

Articles COVID-19

  1. Microsoft has recently announced that it has made some of its COVID-19 threat intelligence open-source The move is an attempt to help organizations and individuals better protect against a growing number of COVID-19 themed cyber threats by allowing the community a more complete view of attackers’ tactics, techniques, and procedures (TTPs). The information is being provided via threat intelligence sharing feeds for Azure Sentinel Customers, and for the public on GitHub.
  2. Scam alert: Text message offering free groceries from Target amid coronavirus pandemic is fake The scam text message, claiming to be from Target, includes a link that can install a virus, malware, spyware, or ransomware on victims’ devices that enables hackers to obtain personal information.
  3. COVID-19 contact tracing text message scams Contact tracers are usually hired by a state’s department of public health and only notify individuals that they will be contacted by a phone call.
  4. Microsoft warns of 'massive' phishing attack pushing legit RAT COVID-19-themed phishing campaign that installs a NetSupport Manager remote administration tool (RAT). The attack is spoofing an email from the Johns Hopkins Center providing an update on the Coronavirus-related deaths in the United States, with an attached Excel file titled ‘covid_usa_nyt_8072.xls.’

Articles

  1. Hackers Target the Air-Gapped Networks of the Taiwanese and Philippine Military Air-gap jumping technology is often more of a thought exercise, because of reliability and complexity of emissions capture. The most effective method is humans doing media transfers. This technique had been previously reported as WHITEFERRY malware in July 2019.
  2. iPhone Hacks No Longer Worth Any Money Because There Are Just Too Many Zerodium, a company that’s willing to pay up to $2 million for exploits in Apple’s iOS operating system, says it’s actually lowering its prices because the number of hacks aimed at this platform has increased substantially lately.
  3. Edison Mail Flaw Granted Users Access to Other People's Inboxes Bug in email client allowed thousands of users to gain full access to other users' email accounts after it released a new account syncing feature on May 15, 2020, that caused "technical issues" resulting in individuals' inboxes to syncing with other users' accounts.
  4. 'Mandrake' Android Spyware Remained Undetected for 4 Years "Mandrake" has been identified being used in targeted attacks to take complete control of infected devices, turn down the volume, block calls and messages, steal user credentials, exfiltrate data, transfer funds, record the screen, and blackmail victims.
  5. Database of Russian Car Owners Is Sold for Bitcoins database containing some 129 million leads that was likely taken from the Russian traffic police register or insurance companies that includes vehicle registration information collected since the 1990s. Those behind the sales are reportedly selling the entire database for .3 BTC (~$2,900 USD) or 1.5 BTC (~$14,500 USD) to obtain "exclusive use" of the data.
  6. My Health Record System Hit by Hack Attempt The Australian Digital Health Agency (ADHA) has revealed that its My Health Record system was targeted by attackers over an 11-month period, resulting in two "potential data breaches" since July 2019.
  7. New DNS Vulnerability Lets Attackers Launch Large-Scale DDoS Attacks Israeli cyber security researchers have disclosed details about a new vulnerability dubbed "NXNSAttack" affecting the DNS protocol that can be exploited by attackers to conduct large-scale, amplified distributed denial-of-service (DDoS) attacks in order to take down websites.
  8. Apple Releases iOS/iPadOS 13.5 Security content not published, but many new features, including COVID-19 related features, from contact tracing support to more rapid mask detection which then fails over to passcode entry.