Daily NCSC-FI news followup 2019-06-19

Apu: Kyberhyökkäys tietoverkkoihin voisi pimentää Suomen oletko varautunut?

www.apu.fi/artikkelit/kyberhyokkays-tietoverkkoihin-voisi-pimentaa-suomen

Kiinan tiedustelupalvelu värvää vakoilijoita LinkedInissä myös suomalaisia ulkopolitiikan asiantuntijoita lähestytty

yle.fi/uutiset/3-10838995 Raportin on laatinut Ulkopoliittisen instituutin ohjelmajohtaja Mika Aaltola.

Quick Detect: Exim “Return of the Wizard” Attack

isc.sans.edu/forums/diary/Quick+Detect+Exim+Return+of+the+Wizard+Attack/25052/ =Thanks to our reader Alex for sharing some of his mail logs with the latest attempts to exploit CVE-2019-10149 (aka “Return of the Wizard”). The vulnerability affects Exim and was patched about two weeks ago. There are likely still plenty of vulnerable servers, but it looks like attackers are branching out and are hitting servers not running Exim as well.

ESS: Hyvinvointiyhtymä lähetti turhia laskuja, sotkun syytä selvitetään – vastuun välttely tapahtuneesta alkoi saman tien

www.ess.fi/uutiset/paijathame/art2549228 Virhelaskut liittyivät yhtymässä tehtyyn tietojärjestelmän päivitykseen, jossa huoltokatkon aikana syntyi virheellistä laskuttamista. Näin tapahtui, koska vanhaa maksuliikennettä alettiin automaattisesti käsitellä osittain uudelleen.

ESS: Kirjastojärjestelmä on saatu toimimaan Lahden kirjastoissa viimeviikkoinen kyberhyökkäys vaikuttaa kaupungin palveluihin yli juhannuksen

www.ess.fi/uutiset/paijathame/art2549182

Ryuk Ransomware Adds IP and Computer Name Blacklisting

www.bleepingcomputer.com/news/security/ryuk-ransomware-adds-ip-and-computer-name-blacklisting/ A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted.. When BleepingComputer asked Kremez why he felt they were making these checks, he told us that it was likely to avoid encrypting computers in Russia.

Oracle patches another actively-exploited WebLogic zero-day

www.zdnet.com/article/oracle-patches-another-actively-exploited-weblogic-zero-day/ Oracle released an out-of-band security update to fix a vulnerability in WebLogic servers that was being actively exploited in the real world to hijack users’ systems.. Attacks using this vulnerability were first reported by Chinese security firm Knownsec 404 Team on June 15, last Saturday.

You might be interested in …

Daily NCSC-FI news followup 2021-09-12

Windows MSHTML zero-day exploits shared on hacking forums www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/ Threat actors are sharing Windows MSHTML zero-day (CVE-2021-40444) tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. Last Tuesday, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, […]

Read More

Daily NCSC-FI news followup 2021-07-22

Akamai DNS global outage takes down major websites, online services www.bleepingcomputer.com/news/security/akamai-dns-global-outage-takes-down-major-websites-online-services/ Akamai is investigating an ongoing outage affecting many major websites and online services, including Steam, the PlayStation Network, Newegg, Cloudflare, AWS, Amazon, Google, and Salesforce. Root cause – Akamai Edge DNS was down: edgedns.status.akamai.com/incidents/n5zl6dythvfv Researchers Hid Malware Inside an AI’s ‘Neurons’ And It Worked […]

Read More

Daily NCSC-FI news followup 2021-01-24

Listasimme verkkohuijausten uusimmat trendit ja keinoja niiden tunnistamiseen Moni huijaus tepsii aina uudestaan sillä kollektiivinen muisti unohtaa yle.fi/uutiset/3-11721481 Lue myös: www.kuluttajaliitto.fi/hankkeet/huijarit-kuriin/ Your Password Isn’t Safe: The Danger Of An Inactive Zombie’ Account www.forbes.com/sites/brookecrothers/2021/01/23/your-password-isnt-safe-the-danger-of-inactive-zombie-accounts/ WhatsApp BacklashStop Using Signal Or Telegram Until You Change These 4 Critical Settings www.forbes.com/sites/zakdoffman/2021/01/23/stop-using-signal-and-telegram-until-you-change-settings-after-whatsapp-and-imessage-privacy-backlash/ SonicWall firewall maker hacked using zero-day in its […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.