Daily NCSC-FI news followup 2019-07-02

Cloudflare Worldwide Outage Caused by Bad Software Deployment

www.bleepingcomputer.com/news/technology/cloudflare-worldwide-outage-caused-by-bad-software-deployment/ Cloudfare experienced a worldwide outage today for about 30 minutes, with network performance issues that brought down a multitude of websites and web services all around the world, and triggered “502 Bad Gateway” errors.. see also


Kiristyshuijauksia liikkeellä runsaasti älä usko huijarien väitteitä

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kiristyshuijauksia-liikkeella-runsaasti-ala-usko-huijarien-vaitteita Huijarit ovat jälleen aktivoituneet aikuisviihdeteemaisten kiristysviestien lähettelyssä. Viestejä on lähetetty viime päivinä runsaasti myös huonosti suomeksi käännettyinä. Viestit ovat huijausta, eikä huijareille pidä missään nimessä maksaa lunnaita.

Tarjottiinko sinulle houkuttelevaa pikavippiä Kelan nimissä? Kela varoittaa pitkin kesää lähetyistä huijausviesteistä

www.aamulehti.fi/a/8bfd95bd-e5c7-4c79-8c0f-a645cb14c15d Kela on saanut useita ilmoituksia sen nimissä lähetyistä tietojenkalasteluviesteistä. Huijausviestissä tarjotaan vastaanottajalle pikavippiä.. Viestejä on lähetetty sähköpostitse ja tekstiviesteillä. Niiden tarkoitus on tietojenkalastelu (phishing), jolla pyritään urkkimaan henkilö- ja pankkitunnustietoja, tiedottaa Kela.

US wants to isolate power grids with ‘retro’ technology to limit cyber-attacks

www.zdnet.com/article/us-wants-to-isolate-power-grids-with-retro-technology-to-limit-cyber-attacks/ The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result.


www.wired.com/story/ransomware-hits-georgia-courts-municipal-attacks-spread/ RANSOMWARE HAS NO shortage of cautionary tales and wakeup calls from the past decade. But for local governments, this past year has been a particularly brutal reminder of the threat. . The Administrative Office of the Georgia Courts became the latest victim on Saturday, when an attack knocked its systems offline.

BlueKeep: Researchers show how dangerous this Windows exploit could really be

www.zdnet.com/article/bluekeep-researchers-show-how-dangerous-this-windows-exploit-could-really-be/ Researchers develop a proof-of-concept attack after reverse engineering the Microsoft BlueKeep patch.. The CVE-2019-0708 vulnerability known as BlueKeep was first reported in May, and allows attackers to connected to Remote Desktop Protocol services (RDP) and issue commands which could steal or modify data, install malware and conduct other malicious activities.. The vulnerability is considered dangerous enough that Microsoft has repeatedly told users to apply the patches and even the USA’s National Security Agency (NSA) issued a public warning to patch against BlueKeep.

Android July 2019 Security Update Patches 33 New Vulnerabilities

thehackernews.com/2019/07/android-security-update.html Google has started rolling out this month’s security updates for its mobile operating system platform to address a total of 33 new security vulnerabilities affecting Android devices, 9 of which have been rated critical in severity.

LooCipher: The New Infernal Ransomware

blog.yoroi.company/research/loocipher-the-new-infernal-ransomware/ A new Ransomware began to threats the digital world. This time using a nice but scary name: LooCipher. The name is at the same time an allusion to its capabilities (thank to the term Cipher) and to the popular religious figure, Lucifer.. Despite its evocative nickname, the functionalities of this malware are pretty straight forward, not very different from those belonging to many other ransomware families, but digging into its internals we also found elements suggesting its operators could be able to run large scale campaigns.

Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer

threatpost.com/mac-malware-pushed-via-google-search-results-masquerades-as-flash-installer/146178/ A new malware is targeting Macs with new tactics to sniff out antivirus and virtual machines.

What is digital steganography?

www.kaspersky.com/blog/digital-steganography/27474/ We all know what it means to read between the lines in a figurative sense, but before we used modern technology to communicate with one another, people sometimes took it literally, such as by writing secret messages in invisible ink between the lines of a seemingly normal letter.

You might be interested in …

Daily NCSC-FI news followup 2020-11-21

Leaky Buddies: Cross-Component Covert Channels on Integrated CPU-GPU Systems arxiv.org/pdf/2011.09642.pdf Integrated GPUs share some resources with the CPU and as a result, there is a potential for microarchitectural attacks from the GPU to the CPU or vice versa. We believe this type of attack, crossing the component boundary (GPU to CPU or vice versa) is […]

Read More

Daily NCSC-FI news followup 2020-05-12

Coronavirus cyber-attacks update: beware of the phish blog.checkpoint.com/2020/05/12/coronavirus-cyber-attacks-update-beware-of-the-phish/ While we all try to get used to the Covid-19 pandemics new normal in our work and home lives, this year has been a time of unprecedented opportunity for cyber-criminals. The global response to the pandemic, and our desire for the latest information about it, has supercharged […]

Read More

Daily NCSC-FI news followup 2021-05-19

Email attachment believed to have opened door to cyber-attack on Waikato hospitals www.stuff.co.nz/national/125175283/email-attachment-believed-to-have-opened-door-to-cyberattack-on-waikato-hospitals This crashed phone lines and computers on Tuesday morning, blocking all information technology (IT) services except email in Waikato, Thames, Tokoroa, Te Kiti and Taumarunui hospitals. Evil Logitech – erm I ment USB cable luemmelsec.github.io/Building-An-Evil-USB-Cable/ I already heared about something like this […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.