A new malware called CARROTBALL, used as a second-stage payload in targeted attacks, was distributed in phishing email attachments delivered to a U.S. government agency and non-US foreign nationals professionally affiliated with current activities in North Korea. CARROTBALL came in a Microsoft Word document acting as a lure for the target, from a Russian email address. The topic was geopolitical relations issues regarding North Korea, Bleeping Computer reported. https://twitter.com/BleepinComputer/status/1220626327050637312
ISBuzz Team
Following widespread criticism of Nick Clegg’s suggestion that end-to-end encrypted messages could not be hacked, please find the comments below from security experts. Derek believes companies such as Facebook risk opening the door to hackers by neglecting software hygiene. Clegg’s lack of understanding of the problem is typical of board-level ignorance of application security, and the need for multiple layers of application security practices to ensure that consumers are protected from cyber-attacks. https://twitter.com/BBCr4today/status/1220631511101210630
Two New York state senators have proposed two bills that ban local municipalities and other government entities from using taxpayer money for paying ransomware demands. Bill (S7246), proposed by Republican NY Senator Phil Boyle on January 14, and bill (S7289), introduced by Democrat NY Senator David Carlucci on January 16, are similar, with the only difference being that S7246 also proposes the creation of a state fund to help local municipalities improve their cyber-security posture. https://twitter.com/campuscodi/status/1220458863192936453
Colin Bastable, CEO of security awareness & training company Lucy Security, has issued comment and analysis of the newly reported Citibank phishing scam.
NETGEAR recently issued a security advisory about a Transport Layer Security (TLS) certificate private key disclosure vulnerability on several of its routers. And this is apparently not the first time the company left TLS certificates and private keys exposed in their wireless router firmware. The certificates and their private keys were embedded into the software, which was available to download for free on a public website where anyone could find it, and with a little skill read the private key. The keys could be used to intercept and tamper with secure connections (man-in-the-middle attacks) and essentially, any of the compromised routers can…
Artificial intelligence (AI) has become integrated into our everyday lives. It powers what we see in our social media newsfeeds, activates facial recognition (to unlock our smartphones), and even suggests music for us to listen to. Machine learning, a subset of AI, is progressively integrating into our everyday lives and changing how we live and make decisions. Machine Learning in Finance: Business changes all the time, but advances in today’s technologies have accelerated the pace of change. Machine learning analyses historical data and behaviours to predict patterns and make decisions. It has proved hugely successful in retail for its ability to tailor products and services…
This coming Tuesday, January 28, marks International Data Privacy Day. Powered by the National Cyber Security Alliance, Data Privacy Day “encourages consumers to own their privacy and businesses to improve their data privacy practices.”
Active Directory expert Gerrit Lansing, field CTO at STEALTHbits Technologies, addressed this week’s discovery of a new module for the TrickBot trojan that targets the Active Directory database stored on compromised Windows domain controllers.
Cybercriminals targeted a U.S. government agency with a spear-phishing campaign that leverages the increasing geopolitical relations issues surrounding North Korea to lure targets into opening malicious email attachments that contain malware strains, including a never-before-seen malware downloader, coined “Carrotball”. The fraudulent emails were sent from four different Russian email addresses to 10 unique targets.
According to Reuters, Apple dropped plans to let iPhone users fully encrypt backups of their devices in the company’s iCloud service after the FBI complained that the move would harm investigations. The tech giant’s reversal, about two years ago, has not previously been reported. It shows how much Apple has been willing to help U.S. law enforcement and intelligence agencies, despite taking a harder line in high-profile legal disputes with the government and casting itself as a defender of its customers’ information.
