Daily NCSC-FI news followup 2019-07-12

Buhtrap group uses zeroday in latest espionage campaigns

www.welivesecurity.com/2019/07/11/buhtrap-zero-day-espionage-campaigns/ ESET research reveals notorious crime group also conducting espionage campaigns for the past five years

Over 17,000 Domains Infected with Code that Steals Card Data

www.bleepingcomputer.com/news/security/over-17-000-domains-infected-with-code-that-steals-card-data/ Cybercriminals running Magecart operations have added payment card skimming code to more than 17,000 domains with JavaScript files in misconfigured Amazon S3 buckets.

Microsoft Adds Automatic Phishing Detection to Microsoft Forms

www.bleepingcomputer.com/news/security/microsoft-adds-automatic-phishing-detection-to-microsoft-forms/ “In order to make Forms a more secure service, we are going to enable automatic phishing detection to prevent our customers from losing sensitive data via phishing forms,” says an update to the Microsoft 365 Roadmap.

Unusual Linux Ransomware Targets NAS Servers

threatpost.com/linux-ransomware-nas-servers/146441/ A rare instance of ransomware targeting Linux-based file storage systems (network-attached storage servers, specifically) has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to researchers, so targets are expected to proliferate.

Train maker’s coder goes loco, choo-choo-chooses to flee to China with top-secret code allegedly

www.theregister.co.uk/2019/07/12/train_software_theft/ The case is one of a number involving allegations of US-based developers and engineers fleeing to China while in possession or trade secrets. In March, a former Tesla engineer was sued for lifting trade secrets from the Musk-y auto outfit with the intent of taking them to a Chinese rival, and last year a trio of Micron engineers were charged with stealing confidential docs from the chipmaker on behalf of two China-based outfits. ®

You might be interested in …

Daily NCSC-FI news followup 2020-08-06

Australia’s 2020 Cyber Security Strategy www.pm.gov.au/media/australias-2020-cyber-security-strategy The Morrison Governments 2020 Cyber Security Strategy outlines how we will keep Australian families and businesses secure online, protect and strengthen the security and resilience of Australias critical infrastructure and ensure law enforcement agencies have the powers and technical capabilities to detect, target, investigate and disrupt cybercrime, including on […]

Read More

Daily NCSC-FI news followup 2020-10-28

Vastaamo-kiristäjä pysyi piilossa vaikka lunnaiden maksuaika umpeutui nyt uhkana uhrien identiteettivarkaudet yle.fi/uutiset/3-11618253 Kiristäjä ei tiettävästi julkaissut uusia henkilötietoja tai potilaskertomuksia tiistaina, kuten uhkasi. Vastaamo-kiristyksen uhrien tietoja levitetään nyt uudella tavalla asiantuntijat: Harkitse tarkkaan, mitä kirjoitat someen www.is.fi/digitoday/art-2000006702529.html Tiedetään, että idiootit pimeässä verkossa ovat jo levittäneet poliisien, kansanedustajien ja muiden julkisuuden henkilöiden potilastietoja, sanoo F-Securen tietoturvajohtaja […]

Read More

Daily NCSC-FI news followup 2020-09-10

Viranomainen varoittaa huijausviestistä – varo tätä sähköpostia www.is.fi/digitoday/tietoturva/art-2000006630773.html Apple ID -tunnusten kalastelu on nyt aktiivista. Huijauksen mukaan vastaanottajan Apple ID:tä olisi käytetty luvattomasti muualla Applen iCloud-palveluun kirjautumiseksi. Tämän väitetään tapahtuneen Moskovasta käsin. Mukana on keinotekoinen ip-osoite sekä päivämäärä ja kellonaika. Ne saattavat vaihdella viestistä toiseen. Katso myös meidän twiitti: https://twitter.com/CERTFI/status/1303604786361774080 Ransomware accounted for 41% of […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.