Daily NCSC-FI news followup 2019-06-05

The EU Found Out That Its Embassy In Moscow Had Been Hacked But Kept
It A Secret
www.buzzfeednews.com/article/albertonardelli/eu-embassy-moscow-hack-russia
A sophisticated cyber espionage event began in February 2017. Russian
entities are believed to be behind the hack, a source told BuzzFeed
News.

The Most Expensive Lesson Of My Life: Details of SIM port hack
medium.com/coinmonks/the-most-expensive-lesson-of-my-life-details-of-sim-port-hack-35de11517124
I lost north of $100,000 last Wednesday. It evaporated over a 24-hour
time span in a SIM port attack that drained my Coinbase account.

Twitterbots: Anatomy of a Propaganda Campaign
www.symantec.com/blogs/threat-intelligence/twitterbots-propaganda-disinformation
Internet Research Agency archive reveals a vast, coordinated campaign
that was incredibly successful at pushing out and amplifying its
messages.. The operation was carefully planned, with accounts often
registered months before they were used and well in advance of the
2016 U.S. presidential election. The average time between account
creation and first tweet was 177 days.. In October 2018, Twitter
released a massive dataset of content posted on its service by the
Internet Research Agency (IRA), a Russian company responsible for the
largest propaganda campaign directed against the U.S.

UK Hasn’t Made Sufficient Progress for National Security Strategy
www.infosecurity-magazine.com/news/uk-hasnt-made-progress-security/
The National Cyber Security Centre (NCSC) has dealt with over 1,100
cybersecurity incidents since it was established in October 2016. CSC
chair Meg Hillier says that the UK will need to protect itself against
risks created by more and more services going online, but there is
concern that consumers do not know how well they are protected: “We
welcome the National Cyber Security Strategy but are concerned that
the program designed to deliver it is insufficien

440 Million Android Users Plagued By Extremely Obnoxious Pop-Ups
threatpost.com/android-completely-obnoxious-pop-ups/145390/
The mobile ad plugin, found in hundreds of Google Play apps, uses
well-honed techniques from malware development to hide itself.. Over
440 million Android phones have been exposed to an obnoxious
advertising plugin hidden within hundreds of popular applications
available via Google Play, which ultimately can render phones almost
unusable.

Infosecurity Europe: Easing the Clash Between IT and OT
threatpost.com/infosecurity-europe-easing-the-clash-between-it-and-ot/145334/
Experts at Infosecurity Europe shed light on how IT and operational
technology teams can better collaborate as industrial IoT takes hold.

Crime doesn’t pay? Crime doesn’t do secure coding, either: Akamai
bug-hunters find hijack hole in bank phishing kit
www.theregister.co.uk/2019/06/05/akamai_phishing_kit_vuln/
Phishing kits used by miscreants to build webpages that steal
victims’ personal information and money by masquerading as legit
websites harbor vulnerabilities that can be exploited by other
miscreants to pilfer freshly stolen data.

Apple bans ads, third-party tracking in apps meant for kids
nakedsecurity.sophos.com/2019/06/05/apple-bans-ads-third-party-tracking-in-apps-meant-for-kids/
On Monday, Apple updated the Kids category in its App Store developer
guidelines to include a new ban on third-party advertising or
analytics (which are ostensibly used for tracking) in content aimed at
younger audiences.. Previously, the guidelines only restricted
behavioral advertising tracking e.g., advertisers werent allowed to
serve ads based on kids activity, plus ads had to be appropriate for
young audiences.

You might be interested in …

Daily NCSC-FI news followup 2020-10-08

Saitko tekstiviestin Postin nimissä? Varothan, viesti voi olla huijaus www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/saitko-tekstiviestin-postin-nimissa-varothan-viesti-voi-olla-huijaus Päivitetty 07.10.2020 14:28. Uudessa huijaustyypissä tekstiviestillä lähetetystä linkistä aukeava kalastelusivu muuntautuu päätelaitteesi mukaan: iOS-laitteilta kalastellaan iCloud-tunnuksia, Androideille tarjotaan haitallista sovellusta (.apk-paketti). Android Users Beware: Delete These 240 Malicious Apps Now www.forbes.com/sites/kateoflahertyuk/2020/10/08/android-users-beware-delete-these-240-malicious-apps-now/ Android users need to check their devices today after security researchers revealed 240 malicious […]

Read More

Daily NCSC-FI news followup 2020-04-30

Osataanko teillä torpata tietoturvauhkia? Kyberharjoittelusta hyötyvät kaikki www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/osataanko-teilla-torpata-tietoturvauhkia-kyberharjoittelusta-hyotyvat-kaikki Nyt tehdään mielikuvitusreissu tavalliseen toimistotyöpäivään Kyberilän vesihuollossa, jossa sähköpostejaan läpikäyvä Pirjo saa varsin houkuttelevan tarjouksen. Hän on yksi tuhansista ammattilaisista, joiden työpanos on olennainen, kun varmistamme yhteiskuntamme sujuvaa toimintaa muun muassa tietoturvallisilla työtavoilla. . Tilanteita ja toimintatapoja kannattaa jokaisen harjoitella etukäteen. Me voimme auttaa. Kyberturvallisuuskeskus kartoittaa suojaamattomia […]

Read More

Daily NCSC-FI news followup 2019-12-16

Inside Evil Corp, a $100M Cybercrime Menace krebsonsecurity.com/2019/12/inside-evil-corp-a-100m-cybercrime-menace/ The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself Evil Corp and stole roughly $100 million from businesses and consumers. As […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.