Pages

Friday, June 04, 2021

Microsoft warns of current Nobelium phishing

Techmeme: How Online Criminals Are Turning To Unlicensed Crypto Exchanges And Over-The-Counter Crypto Brokers To Cash...





Fortune: “In 2021, the number of women running businesses on the Fortune 500 hit an all-time record: 41. But that’s not all. For the first time two Black women are running Fortune 500 businesses (Roz Brewer of No 16. Walgreens Boots Alliance and Thasunda Brown Duckett of No. 79 TIAA) —and another executive is making history at the helm of the highest-ranking business ever run by a female CEO (Karen Lynch of No. 4 CVS Health).


The New York Times – “Last month, Apple released an update to its operating system, iOS 14.5, which gives users more control of their personal data. But if you’re looking to gain more control over the iPhone itself, you also have options. Want to put your favorite apps within easy reach, tag friends in Messages or set your preferred browser to open links? You can do all that and more.Here are a few quick tips for enhancing the iPhone experience. Next week’s Tech Tip column will round up a few helpful hints for the Android faithful…”


ZDNET – Microsoft warns of current Nobelium phishing campaign impersonating USAID: “Russian-backed group gained control of email marketing platform used by USAID to ramp up its attacks…”

Microsoft Blog: “This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations. This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations. While organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries. At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work. Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020. These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts. Nobelium launched this week’s attacks by gaining access to the Constant Contact account of USAID. Constant Contact is a service used for email marketing. From there, the actor was able to distribute phishing emails that looked authentic but included a link thatwhen clickedinserted a malicious file used to distribute a backdoor we call NativeZone. This backdoor could enable a wide range of activities from stealing data to infecting other computers on a network. You can read more about the technical aspects of these attacks in this blog post from the Microsoft Threat Intelligence Center (MSTIC).Many of the attacks targeting our customers were blocked automatically, and Windows Defender is blocking the malware involved in this attack. We’re also in the process of notifying all of our customers who have been targeted. We detected this attack and identified victims through the ongoing work of the MSTIC team in tracking nation-state actors. We have no reason to believe these attacks involve any exploit against or vulnerability in Microsoft’s products or services…”


Subject: FBI: Conti Ransomware Gang Behind Ireland Attack Also Hit 16 U.S. Health and Emergency Networks
Source: Gizmodo
https://gizmodo.com/fbi-conti-ransomware-gang-behind-ireland-attack-also-h-1846946291

The same hackers that took down the Irish health system last week also hit at least 16 U.S. medical and first responder networks in the past year, according to a Federal Bureau of Investigation alert made public Thursday by the American Hospital Association.


Building global open-access knowledge on Digital Self-Determination