Security daily (11-12-2020)

Detecting sensitive data in DynamoDB with Macie

Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in Amazon Web Services (AWS). It gives you the ability to automatically scan for sensitive data and get an inventory of your Amazon Simple Storage Service (Amazon S3) buckets. […] (AWS Security Blog)

MountLocker ransomware hackers upgrade covert approach

BlackBerry researchers on Friday revealed new details about a ransomware strain that emerged this summer that hackers are peddling as a ransomware service for hire. It is unclear who exactly is behind the ransomware, called MountLocker. Within the last month, though, the scammers behind the ransomware have updated it several times in an effort to bypass detection, according to the researchers. MountLocker, which security professionals initially uncovered in July, according to the U.K. National Health Service Digital, tends to encrypt targets’ files like traditional ransomware strains. Affiliates now are using MountLocker to run extortion and blackmail schemes in an effort to compel larger payouts from victims, according to BlackBerry. In some cases, the ransom demands have been seven figures. It’s the latest ransomware strain to take part in the extortion tactic, which the FBI and security researchers have been warning about for months. MountLocker affiliates have largely relied on commercially […] (CyberScoop)

Facebook says it disrupted cyber-espionage in Vietnam, Bangladesh

Facebook says it has uncovered plots by two hacking campaigns to “abuse our platform, distribute malware and hack people’s accounts,” one originating in Vietnam, the other in Bangladesh. In a blog post late Thursday, two cybersecurity officials from the social media giant pinned the Vietnam-based activity on APT32, the advanced persistent threat group also known as Ocean Lotus. In Bangladesh, the perpetrators appear to be two largely unknown “non-profit” groups, Facebook says. “The operation from Vietnam focused primarily on spreading malware to its targets, whereas the operation from Bangladesh focused on compromising accounts across platforms and coordinating reporting to get targeted accounts and Pages removed from Facebook,” wrote Nathaniel Gleicher, the company’s head of security policy and Mike Dvilyanski, its cyberthreat intelligence manager. APT32’s efforts involved a Vietnamese IT company, the researchers said, making it the latest example of hacking groups using corporate disguises. In early November, cybersecurity company Volexity […] (CyberScoop)

Wormable Code Execution Flaw In Cisco Jabber Is Bad

(News ≈ Packet Storm)

Critical Steam Flaws Could Allow For Opponent Computer Crash

(News ≈ Packet Storm)

Facebook Tracks OceanLotus Hackers To IT Firm In Vietnam

(News ≈ Packet Storm)

Giuliani Says Democrats Used USB Ports Passed Around Like Vials Of Heroin To Commit Election Fraud

(News ≈ Packet Storm)

Security Issues in PoS Terminals Open Consumers to Fraud

Point-of-sale terminal vendors Verifone and Ingenico have issued mitigations after researchers found the devices use default passwords. (Threatpost)

Adrozek Malware Delivers Fake Ads to 30K Devices a Day

The Adrozek ad-injecting browser modifier malware also extracts device data and steals credentials, making it an even more dangerous threat. (Threatpost)

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

The malware takes aim at PostgreSQL database servers with never-before-seen techniques. (Threatpost)

Feds: K-12 Cyberattacks Dramatically on the Rise

Attackers are targeting students and faculty alike with malware, phishing, DDoS, Zoom bombs and more, the FBI and CISA said. (Threatpost)

Facebook Shutters Accounts Used in APT32 Cyberattacks

Facebook shut down accounts and Pages used by two separate threat groups to spread malware and conduct phishing attacks. (Threatpost)


/security-daily/ 12-12-2020 23:44:25