Security daily (15-05-2020)

Spring 2020 SOC reports now available with 122 services in scope

At AWS, our customers’ security is of the highest importance and we continue to provide transparency into our security posture. We’re proud to deliver the System and Organizational Controls (SOC) 1, 2, and 3 reports to our AWS customers. The SOC program continues to enable our global customer base to maintain confidence in our secured […] (AWS Security Blog)

Someone is trying to catfish women by pretending to be Paul Nakasone

Gen. Paul Nakasone, the director of the National Security Agency and head of U.S. Cyber Command, is a busy man. He oversees vast, technical surveillance efforts in the U.S. and abroad, while also commanding a military outfit charged with launching cyberattacks. Emailing random women from an outpost in Syria is probably not on his to-do list. So when, Susan, a woman from the New York City area, started receiving correspondence from a “Paul Nakasone” this week, she wondered why the self-proclaimed “head of U.S. Army Cyber Command” was trying to flirt with her. “I Googled this guy and I’m like, ‘Are you kidding me?’” Susan, who asked to be identified by only her first name, told CyberScoop. “And it was very flirtatious, but I’m a married woman.” Susan ultimately realized, that, no, she was not talking to the real Paul Nakasone. She and her friend were actually dealing with scammers who were posing as top […] The post Someone is trying to catfish women by pretending to be Paul Nakasone appeared first on CyberScoop. (CyberScoop)

Romanian police bust hackers allegedly plotting ransomware attacks on hospitals

Romanian authorities said Friday they had disrupted a cybercriminal group that planned to conduct ransomware attacks on hospitals in the country. The hackers intended to pose as government officials and send malicious emails to public health institutions that purported to contain information on the coronavirus, according to the Directorate for Investigating Organized Crime and Terrorism (DIICOT), one of Romania’s top law enforcement agencies. Such ransomware attacks could disrupt the IT systems of hospitals, DIICOT said. But before that could happen, police and security officials said they searched the suspects’ properties in Romania and neighboring Moldova. All four suspects were arrested, ZDNet reported. The hackers planned to threaten hospitals to protest Romania’s state of emergency, which has restricted public gatherings during the COVID-19 pandemic, according to Romanian news outlet Stirile Pro Tv. The threat of attacking hospitals would be a much more serious crime than the website defacements and other low-skill digital mischief usually […] The post Romanian police bust hackers allegedly plotting ransomware attacks on hospitals appeared first on CyberScoop. (CyberScoop)

US Commerce Department tightens screws on Huawei export controls

The U.S. Department of Commerce on Friday said it was tightening regulations to prevent Huawei from using U.S. software to make semiconductors abroad, the latest move by officials to crack down on a Chinese telecommunications giant they deem a national security threat. The new regulations are an effort to “narrowly and strategically target Huawei’s acquisition of semiconductors that are the direct product of certain U.S. software and technology,” the Department of Commerce said in a statement. Huawei has been circumventing previous restrictions on using U.S. technology to make semiconductors, which are key to its smartphone business, Commerce officials alleged. The updated export controls go further in forcing foreign companies that use U.S. chipset technology to get a license before selling that technology to Huawei. A Huawei spokesperson did not immediately respond to a request for comment. The new export controls are one of a series of stringent measures the Trump administration […] The post US Commerce Department tightens screws on Huawei export controls appeared first on CyberScoop. (CyberScoop)

An outbreak of Coronavirus trojans and scams

Recent weeks have seen a spate of scams and attacks associated with the Coronavirus pandemic, and there is little evidence of the end being in sight. (Graham Cluley)

S2 Ep 39: Thunderspy, government encryption, and reply all mistakes – Naked Security Podcast

Reply all woes, DHS says no to DoH and why turning your computer off is good for security. (Naked Security)

How scammers abuse Google Search’s open redirect feature

Google Search uses open redirects by design, which is handy if you're a scammer trying to hide an iffy-looking URL. (Naked Security)

Top 10 most exploited vulnerabilities list released by FBI, DHS CISA

The agencies say it's vital to prioritize patching. Otherwise, we're making it easy for attackers who don't have to work at finding 0 days. (Naked Security)

Microsoft joins encrypted DNS club with Windows 10 option

Microsoft is the latest browser vendor to join the encrypted DNS club by supporting DNS over HTTPS in Windows 10. (Naked Security)

Learn How to Play the Market with This Data-Driven Trading Bundle

If you're reading this, you're likely a tech-savvy coding pro whose analytical talents are mostly applied to designing apps, cracking passwords, and infiltrating networks — all of which are admirable activities for both aspiring and seasoned white hat hackers. But there are other profitable ways that you can put these types of skills to use, namely in the world of investment and trading.

Whether you're interested in beginning a full-fledged career as a day trader or simply want to earn some extra cash on the side, the Premium Novice-to-Expert Day Trading & Technical Analysis Bundle will teach... more (Null Byte « WonderHowTo)

Hackers Target Air-Gapped Military Networks

(News ≈ Packet Storm)

Mikroceen RAT Backdoors Asian Government Networks

(News ≈ Packet Storm)

TikTok Accused Of Breaching US Child Privacy Regulations

(News ≈ Packet Storm)

READ: The Full Draft CDC Guidelines On Reopening From Stay-At-Home Orders

(News ≈ Packet Storm)

WordPress Malware Collects Sensitive WooCommerce Data

During a recent investigation, our team found malicious code that reveals how attackers are performing reconnaissance to identify if sites are actively using WooCommerce in a compromised hosting environment. These compromised websites are victims of the ongoing wave of exploits against vulnerable WordPress plugins. Why are WooCommerce websites being targeted? WooCommerce is a powerful WordPress plugin that can help a website owner set up an ecommerce store. WooCommerce’s popularity has allowed it to quickly grow a large market share and become one of the biggest ecommerce platforms in the world. Continue reading WordPress Malware Collects Sensitive WooCommerce Data at Sucuri Blog. (Sucuri Blog)

HTTP Status Codes Command This Malware How to Control Hacked Systems

A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe.

The cyberespionage malware—traced to Turla APT with "medium-to-low level of confidence" based on the history of compromised victims—spread via an initial dropper that masks itself as (The Hacker News)

Hoaxcalls Botnet Exploits Symantec Secure Web Gateways

The fast-moving botnet has added an exploit for an unpatched bug in an unsupported version of the security gateway. (Threatpost)

News Wrap: Ransomware Extortion Tactics, Contact-Tracing App Security Worries

Threatpost editors discuss recent ransomware attacks and contact-tracing app privacy concerns. (Threatpost)

RATicate Group Hits Industrial Firms With Revolving Payloads

A new threat group uses NSIS as an installer to target industrial companies with revolving payloads, including LokiBot, FormBook, BetaBot, Agent Tesla and Netwire. (Threatpost)

Paying Ransomware Crooks Doubles Clean-up Costs, Report

Paying ransom to cybercriminals costs companies hit with ransomware attacks more than recovering data on their own, according to a new research. (Threatpost)


/security-daily/ 16-05-2020 23:44:21