Tag Archive for: Urges

NCSC urges timely reporting of ransomware attacks | Jordan News

/in


Ammon News – The National Cyber Security Center (NCSC) has issued a call to action for institutions across the country, urging them to immediately report any suspicion of ransomware threats, in light of the recent surge in cyber attacks.

In a statement on Sunday, the Center revealed that numerous institutions targeted by ransomware fail to notify the authorities, thereby violating the Cyber Security Law, which mandates reporting of all cybersecurity breaches to the center.

“This crucial reporting enables the NCSC to take swift and necessary actions to contain the attack, prevent its propagation to other entities within the country, and leverage its resources to aid in the recovery of critical information and services,” the statement added.

Recent findings by the Center indicate a significant surge in ransomware incidents impacting national companies, government entities, academic institutions, and private businesses across Jordan since the start of the current year. Such attacks have severely disrupted their operations, hampering their ability to deliver essential services and, in certain cases, leading to irrecoverable data losses.

The Center highlighted that particularly concerning instances are where entities lack comprehensive business continuity and disaster recovery plans. Regrettably, the extent of financial losses incurred by these institutions remains difficult to accurately quantify.

Additionally, the NCSC pointed to the existence of a specialized intelligence unit, working in collaboration with other security agencies, to gather and analyze intelligence on cyberattacks originating from international hacking and piracy groups targeting national institutions. This unit possesses the capability to monitor and trace these cyber campaigns, effectively identifying the affected national entities.

Consequently, the Center stresses the utmost importance of timely reporting from all national institutions, as it serves the greater national interest and offers considerable benefits to the victims.

To enforce compliance with cybersecurity protocols, the Cyber Security Law empowers the Center to impose financial penalties on entities found to be non-compliant with reporting regulations….

Source…

NCC urges adoption of two-factor authentication to protect telegram accounts against attack – The Sun Nigeria

/in


From Adanna Nnamani, Abuja

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised users to adopt two-factor authentication to protect their Telegram accounts and to avoid downloading unauthorized Advanced IP Scanner Software.

This, the  NCC says is in response to the discovery of a new attack that compromises victims’ VPN (Virtual Private Network) accounts to compromise messaging app, Telegram.

According to a statement from the Commission, Ukrainian cyber experts discovered the attack, which uses Vidar Malware (Vidar Stealer) to steal Telegram session data, which in the absence of configured two-factor authentication and a passcode, allows unauthorized access to the victim’s telegram account and corporate account or network.

“The malware, which exploits unauthorized access to users’ Telegram accounts and corporate accounts to steal data, targets platforms across iOS, Android, Linux, Mac and Windows Operating Systems.

“The Ukrainian CERT alleged that a Somnia Ransomware was created to be used on Telegram that tricks users to download an installer that mimics ‘Advanced IP Scanner’ software, which contains Vidar Malware. The installer infects the system with the Vidar stealer, which steals the victim’s Telegram session data to take control of their account.

“The threat actors abuse the victim’s Telegram account in some unspecified manner to steal VPN connection data (authentication and certificates). If the VPN account is not protected by two-factor authentication passcode, the hackers use it to gain unauthorized access to the victim’s employer’s corporate network”, the alert and advisory states.

“Once inside, the intruders conduct reconnaissance work using tools like Netscan, Rclone, Anydesk, and Ngrok, to perform various surveillance and remote access activities, and then deploy a Cobalt Strike beacon, exfiltrating data using the Rclone program,” the report stated.

“The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large. The CSIRT also works collaboratively with…

Source…

Saudi urges WhatsApp users to update app to avoid malware threat

/in


Saudi cybersecurity urges WhatsApp users to update app to avoid malware threat

Riyadh: The authorities in the Kingdom of Saudi Arabia (KSA) on Sunday urged users of the WhatsApp application to update their app to avoid serious malware threats.

The national indicative centre for cyber ​​security, in Saudi Arabia, warned of security flaws in the WhatsApp application.

The centre, which is affiliated with the Kingdom’s national cybersecurity authority, said in its warning, “WhatsApp has issued several updates to address the vulnerabilities.”

MS Education Academy

It explained that the vulnerabilities exist in WhatsApp applications for the Android system prior to version 2.22.16.12, and before version 2.22.16.2.

There are also gaps in the WhatsApp Business application for Android before version 2.22.16.12, and WhatsApp iOS before version 2.22.16.12 and 2.22.15.9.

The centre stated that the threats consist in enabling the attacker to exploit the vulnerabilities by executing malicious software remotely.

According to data from Kaspersky, a cybersecurity company, published in February, the year 2021 saw a significant increase in attacks targeting mobile phones in Saudi Arabia by 19 per cent.

Subscribe us on The Siasat Daily - Google News

Source…

NCC-CSIRT urges stronger security measures to prevent ransomware attacks – WorldStage

/in


WorldStage Newsonline– The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has urged organisations to adopt stronger cybersecurity measures.

These measures include ensuring that organisations’ employees use strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it is supported to prevent ransomware attacks as well as advising organisations to ensure regular systems backup.

The NCC-CSIRT’s warning contained in its advisory of August 12, 2022, came after the Yanluowang threat actors gained access to Cisco’s network using an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials synced from their browser.

Ransomware is a malware designed to deny a user or organization access to files on their computer until they pay the attackers.

Cisco reported the security incident on its corporate network but said it did not identify any impact on its business although the threat actors had published a list of files from this security incident on the dark web on August 10.

NCC-CSIRT estimated potential damage from the incident to be critical while predicting that successful exploitation of the ransomware will result in ransomware deployment to compromise computer systems, sensitive products and customers’ data theft and exposure, as well as huge financial loss to organizations by incurring significant indirect costs and could also mar their reputations.

The team said, “The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported.”

It further disclosed that “In response to the attack, Cisco has immediately implemented a company-wide password reset. Users of Cisco products should ensure a successful password reset.

 “As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets. Clam AntiVirus Signatures (or ClamAV) is a multi-platform…

Source…