New Nefilim Ransomware Threatens to Release Victims’ Data
Another intimidation and pressure, new Nefilim ransomware using code like Nemty began to operate in the wild and threatened to disclose the stolen data.
Small business loans app blamed as 500,000 financial records leak out of … you guessed it, an open S3 bucket
Although the mobile application for lending money to small businesses does not exist, there are traces that are connected to public access. There is a great risk that many important information will leak out. According to the vpnMentor crew, the application has documents such as bank statements, photocopies of driving licenses, credit checks, a lot of tax information and technical security – all in an unsecured storage container AWS S3.
https://www.theregister.co.uk/2020/03/18/smb_loan_app_leaks/
Intel chipsets
For the last five years, Intel chipsets have a hole through which cybercriminals can easily bypass security and easily install malicious code – keylogger. A severe problem is not being able to patch the gap. The error is encoded in ROM, where the boot data is downloaded. It occurs at the hardware level; it cannot be removed. Unfortunately, this can lead to an imperceptible attack and infect millions of devices. However, there is good news; the attacker’s capabilities are minimal, even if he must have access to a computer or a local network. Additional security is the cryptographic key inside the programmable OTP memory. However, the encryption key is still vulnerable. The situation is dangerous, espionage is particularly sensitive. The problem is that the ROM allows you to take control before you secure the hardware with a cryptographic key, but that the error is irreparable seems only a matter of time to get that key. The error is in Intel chipsets sold for five years. The latest ten chipsets have improved. The company admits that it is impossible to repair the hole programmatically. A few days ago, a patch was released that solves the problem, but what counts is the time during which all potential attacks must be quarantined.
UK intelligence agency warns of cybercriminals exploiting the Coronavirus outbreak
In the age of coronavirus, the average user should be cautious about phishing and malware attacks. The National Cyber Security Center (NCSC) has described on its blog all vital information about potential attacks and their methods.
In Brief: Czech Republic’s second-largest hospital in Brno has suffered a cyber attack.
As if stupidity could float, we would see many hackers flying higher than skyscrapers. The next Cyber Attack was carried out in Brno is the second-largest hospital in the Czech Republic, where the coronavirus testing center located. Pandemics declare people’s fear of getting sick or dying, motivating people to fight for the world and stop the virus. Unfortunately for hackers, people are not necessary; only money counts and even drives them to attack and destroy hard work.
https://www.hackread.com/coronavirus-cyber-attacks-us-hhs-czech-testing-center/
A cyberattack hits the US Department of Health and Human Services
Another hit this time at the US Department of Health and Welfare. The cyberattack was supposed to slow down the agency’s systems. The matter is getting very serious despite the spreading virus, users, and organizations around the world are still under attack. Great chaos enveloped our world.
https://securityaffairs.co/wordpress/99744/hacking/us-health-and-human-services.html
Confucius
Pentagon to reconsider elements of $10bn JEDI contract awarded to Microsoft
As it turns out, the US Department of Defense (DoD) has expressed the need to reconsider aspects of the decision to award Microsoft a contract in the JEDI cloud that released in October for $ 10 billion. Amazon and Microsoft are once again waiting for a decision.
Europol Arrests 26 SIM Swapping Fraudsters For Stealing Over $3 Million
The increasingly popular and destructive hack is a smart trick used by cybercriminals who persuade cell phone operators to transfer telephony services to a SIM card under their control. Europol has recently arrested 26 people due to a robbery of EUR 3.5 million during the transfer of phone numbers of users through an attack involving the swap of SIM cards.
https://thehackernews.com/2020/03/sim-swapping-fraud-hacking.html
Researchers Discover New PXJ Ransomware Strain
Scientists have discovered a new strain of malware similar to ransomware-like features. When PJX infects a system, it starts a chain of attacks. The attack affects photos and images, databases, documents, movies, and other files on the device.
https://cyware.com/news/researchers-discover-new-pxj-ransomware-strain-a3776b1c