Daily NCSC-FI news followup 2019-07-02

Cloudflare Worldwide Outage Caused by Bad Software Deployment

www.bleepingcomputer.com/news/technology/cloudflare-worldwide-outage-caused-by-bad-software-deployment/ Cloudfare experienced a worldwide outage today for about 30 minutes, with network performance issues that brought down a multitude of websites and web services all around the world, and triggered “502 Bad Gateway” errors.. see also


Kiristyshuijauksia liikkeellä runsaasti älä usko huijarien väitteitä

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kiristyshuijauksia-liikkeella-runsaasti-ala-usko-huijarien-vaitteita Huijarit ovat jälleen aktivoituneet aikuisviihdeteemaisten kiristysviestien lähettelyssä. Viestejä on lähetetty viime päivinä runsaasti myös huonosti suomeksi käännettyinä. Viestit ovat huijausta, eikä huijareille pidä missään nimessä maksaa lunnaita.

Tarjottiinko sinulle houkuttelevaa pikavippiä Kelan nimissä? Kela varoittaa pitkin kesää lähetyistä huijausviesteistä

www.aamulehti.fi/a/8bfd95bd-e5c7-4c79-8c0f-a645cb14c15d Kela on saanut useita ilmoituksia sen nimissä lähetyistä tietojenkalasteluviesteistä. Huijausviestissä tarjotaan vastaanottajalle pikavippiä.. Viestejä on lähetetty sähköpostitse ja tekstiviesteillä. Niiden tarkoitus on tietojenkalastelu (phishing), jolla pyritään urkkimaan henkilö- ja pankkitunnustietoja, tiedottaa Kela.

US wants to isolate power grids with ‘retro’ technology to limit cyber-attacks

www.zdnet.com/article/us-wants-to-isolate-power-grids-with-retro-technology-to-limit-cyber-attacks/ The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result.


www.wired.com/story/ransomware-hits-georgia-courts-municipal-attacks-spread/ RANSOMWARE HAS NO shortage of cautionary tales and wakeup calls from the past decade. But for local governments, this past year has been a particularly brutal reminder of the threat. . The Administrative Office of the Georgia Courts became the latest victim on Saturday, when an attack knocked its systems offline.

BlueKeep: Researchers show how dangerous this Windows exploit could really be

www.zdnet.com/article/bluekeep-researchers-show-how-dangerous-this-windows-exploit-could-really-be/ Researchers develop a proof-of-concept attack after reverse engineering the Microsoft BlueKeep patch.. The CVE-2019-0708 vulnerability known as BlueKeep was first reported in May, and allows attackers to connected to Remote Desktop Protocol services (RDP) and issue commands which could steal or modify data, install malware and conduct other malicious activities.. The vulnerability is considered dangerous enough that Microsoft has repeatedly told users to apply the patches and even the USA’s National Security Agency (NSA) issued a public warning to patch against BlueKeep.

Android July 2019 Security Update Patches 33 New Vulnerabilities

thehackernews.com/2019/07/android-security-update.html Google has started rolling out this month’s security updates for its mobile operating system platform to address a total of 33 new security vulnerabilities affecting Android devices, 9 of which have been rated critical in severity.

LooCipher: The New Infernal Ransomware

blog.yoroi.company/research/loocipher-the-new-infernal-ransomware/ A new Ransomware began to threats the digital world. This time using a nice but scary name: LooCipher. The name is at the same time an allusion to its capabilities (thank to the term Cipher) and to the popular religious figure, Lucifer.. Despite its evocative nickname, the functionalities of this malware are pretty straight forward, not very different from those belonging to many other ransomware families, but digging into its internals we also found elements suggesting its operators could be able to run large scale campaigns.

Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer

threatpost.com/mac-malware-pushed-via-google-search-results-masquerades-as-flash-installer/146178/ A new malware is targeting Macs with new tactics to sniff out antivirus and virtual machines.

What is digital steganography?

www.kaspersky.com/blog/digital-steganography/27474/ We all know what it means to read between the lines in a figurative sense, but before we used modern technology to communicate with one another, people sometimes took it literally, such as by writing secret messages in invisible ink between the lines of a seemingly normal letter.

You might be interested in …

Daily NCSC-FI news followup 2020-06-24

Why cloud first is not a security problem www.ncsc.gov.uk/blog-post/why-cloud-first-is-not-a-security-problem When considering moving to the public cloud, one of the first questions is often, Is the cloud secure?. This is a natural question. Although the public cloud offers an impressive array of tools and services, hidden beneath that slick visible layer are the complex layers of […]

Read More

Daily NCSC-FI news followup 2020-01-21

Infiltrating Networks: Easier Than Ever Due to Evil Markets www.bleepingcomputer.com/news/security/infiltrating-networks-easier-than-ever-due-to-evil-markets/ Attackers don’t always need to breach the networks of their victims themselves to plant malware as there are plenty of professional intruders offering their services on underground markets.. Various levels of access are offered for prices starting $1,000 and increasing depending on how deep the […]

Read More

Daily NCSC-FI news followup 2020-06-10

Ransomware attacks spike by 140%, 57% of organizations agree to pay atlasvpn.com/blog/ransomware-attacks-spike-by-140-57-of-organizations-agree-to-pay Data extracted and analyzed by Atlas VPN reveals, the amounts of demanded ransom payments increased by 140%, comparing the numbers of 2018 to 2019. More and more organizations succumb to blackmail: 57% of organizations settled and paid the ransom during the last 12 […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.