Daily NCSC-FI news followup 2019-07-10

Lapin Kansa: Exceptionally long outage in the City of Kemi's telecommunications network; the cause is being investigated

www.lapinkansa.fi/lappi/kemin-kaupungin-tietoliikenneverkossa-poikkeuksellisen-pitka-vikatilanne-syyta-selvitetaan-3596802/

Zoom reverses course to kill off Mac local web server

www.zdnet.com/article/zoom-reverses-course-to-kill-off-mac-local-web-server/ Less than a day after backing its approach to get around Safari restrictions on Mac, Zoom’s local web server is no more.

New FinSpy iOS and Android implants revealed ITW

securelist.com/new-finspy-ios-and-android-implants-revealed-itw/91685/ FinSpy is spyware made by the German company Gamma Group. Through its UK-based subsidiary Gamma International, Gamma Group sells FinSpy to government and law enforcement organizations all over the world. FinSpy is used to collect a variety of private user information on various platforms. Its implants for desktop devices were first described in 2011 by Wikileaks and mobile implants were discovered in 2012.

Agent Smith: The New Virus to Hit Mobile Devices

blog.checkpoint.com/2019/07/10/agent-smith-android-malware-mobile-phone-hack-virus-google/ Check Point Researchers recently discovered a new variant of mobile malware that has quietly infected around 25 million devices, while the user remains completely unaware. Disguised as a Google-related application, the core part of the malware exploits various known Android vulnerabilities and automatically replaces installed apps on the device with malicious versions without the users' interaction.

New Miori Variant Uses Unique Protocol to Communicate with C&C

blog.trendmicro.com/trendlabs-security-intelligence/new-miori-variant-uses-unique-protocol-to-communicate-with-cc/ We first detailed a new Mirai variant called Miori in a report late last year after finding the malware spreading via a ThinkPHP Remote Code Execution (RCE) vulnerability. It has recently reappeared bearing a notable difference in the way it communicates with its command-and-control (C&C) server.

Windows zero-day CVE-2019-1132 exploited in targeted attacks

www.welivesecurity.com/2019/07/10/windows-zero-day-cve-2019-1132-exploit/ ESET research discovers a zero-day exploit that takes advantage of a local privilege escalation vulnerability in Windows

Hackers breached Greece’s top-level domain registrar

www.zdnet.com/article/hackers-breached-greeces-top-level-domain-registrar/#ftag=RSSbaffb68 Sea Turtle group returns with new attacks; continues DNS hijacking spree. State-sponsored hackers have breached ICS-Forth, the organization that manages Greece’s top-level domain country codes of .gr and .el.

Police warn of frauds that have cost hundreds of thousands of euros: the scammers come across as very convincing

www.is.fi/digitoday/tietoturva/art-2000006169324.html?ref=rss CEO fraud emails often seem very genuine. They are usually also marked as urgent.

Logitech's USB receivers have vulnerabilities, not all of which are currently expected to be fixed. Heise reports on the matter.

www.is.fi/digitoday/tietoturva/art-2000006168851.html?ref=rss According to researcher Marcus Mengs, the flaws make it possible to eavesdrop on keystrokes, for example to steal passwords. Worse is also possible: a wireless attacker can also send any commands to a computer fitted with a vulnerable dongle, for example to infect it with malware. Also:

www.bleepingcomputer.com/news/security/logitech-unifying-receivers-vulnerable-to-key-injection-attacks/

Microsoft Azure AD FIDO2 Passwordless Sign-In in Public Preview

www.bleepingcomputer.com/news/microsoft/microsoft-azure-ad-fido2-passwordless-sign-in-in-public-preview/

New eCh0raix Ransomware Brute-Forces QNAP NAS Devices

www.bleepingcomputer.com/news/security/new-ech0raix-ransomware-brute-forces-qnap-nas-devices/

Financial Impact of Cybercrime Exceeded $45B in 2018

www.darkreading.com/risk/financial-impact-of-cybercrime-exceeded-$45b-in-2018/d/d-id/1335199
