Daily NCSC-FI news followup 2019-06-19

Apu: Kyberhyökkäys tietoverkkoihin voisi pimentää Suomen oletko varautunut?


Kiinan tiedustelupalvelu värvää vakoilijoita LinkedInissä myös suomalaisia ulkopolitiikan asiantuntijoita lähestytty

yle.fi/uutiset/3-10838995 Raportin on laatinut Ulkopoliittisen instituutin ohjelmajohtaja Mika Aaltola.

Quick Detect: Exim “Return of the Wizard” Attack

isc.sans.edu/forums/diary/Quick+Detect+Exim+Return+of+the+Wizard+Attack/25052/ =Thanks to our reader Alex for sharing some of his mail logs with the latest attempts to exploit CVE-2019-10149 (aka “Return of the Wizard”). The vulnerability affects Exim and was patched about two weeks ago. There are likely still plenty of vulnerable servers, but it looks like attackers are branching out and are hitting servers not running Exim as well.

ESS: Hyvinvointiyhtymä lähetti turhia laskuja, sotkun syytä selvitetään – vastuun välttely tapahtuneesta alkoi saman tien

www.ess.fi/uutiset/paijathame/art2549228 Virhelaskut liittyivät yhtymässä tehtyyn tietojärjestelmän päivitykseen, jossa huoltokatkon aikana syntyi virheellistä laskuttamista. Näin tapahtui, koska vanhaa maksuliikennettä alettiin automaattisesti käsitellä osittain uudelleen.

ESS: Kirjastojärjestelmä on saatu toimimaan Lahden kirjastoissa viimeviikkoinen kyberhyökkäys vaikuttaa kaupungin palveluihin yli juhannuksen


Ryuk Ransomware Adds IP and Computer Name Blacklisting

www.bleepingcomputer.com/news/security/ryuk-ransomware-adds-ip-and-computer-name-blacklisting/ A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted.. When BleepingComputer asked Kremez why he felt they were making these checks, he told us that it was likely to avoid encrypting computers in Russia.

Oracle patches another actively-exploited WebLogic zero-day

www.zdnet.com/article/oracle-patches-another-actively-exploited-weblogic-zero-day/ Oracle released an out-of-band security update to fix a vulnerability in WebLogic servers that was being actively exploited in the real world to hijack users’ systems.. Attacks using this vulnerability were first reported by Chinese security firm Knownsec 404 Team on June 15, last Saturday.

You might be interested in …

Daily NCSC-FI news followup 2021-01-01

Inbox Attacks: The Miserable Year (2020) That Was threatpost.com/miserable-spam-year-2020/162566/ Purging your inbox has become a year-end tradition for many. A short hiatus for the holidays often provides a quiet moment to flush the previous year’s mountain of spam. And, from the looks of our 2020 inbox, years of herculean efforts to harden email defenses have […]

Read More

Daily NCSC-FI news followup 2020-02-11

Will an immobilizer save your car from being stolen? www.kaspersky.com/blog/36c3-immobilizers/32419/ Automobiles are getting ever smarter, and cracking them with a crowbar and a screwdriver is getting ever more difficult. Statistics back up that assumption: According to research from Jan C. van Ours and Ben Vollaard highlighting car theft and recovery data, vehicle theft decreased by […]

Read More

Daily NCSC-FI news followup 2019-10-19

Schneier: Why Technologists Need to Get Involved in Public Policy www.schneier.com/blog/archives/2019/10/why_technologis.html US stopped using floppy disks to manage nuclear weapons arsenal www.zdnet.com/article/us-stopped-using-floppy-disks-to-manage-nuclear-weapons-arsenal/ The system was created in 1968 and has been running for nearly 50 years on top of an IBM Series/1 mainframe, using 8-inch floppy disks as its storage medium. US.GOV: Mind Your Own […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.