Daily NCSC-FI news followup 2019-07-14

Ongoing DNS hijacking and mitigation advice

www.ncsc.gov.uk/news/ongoing-dns-hijacking-and-mitigation-advice Since that alert was published we have observed further activity, with victims of DNS hijacking identified across multiple regions and sectors. This Advisory covers some of the risks for organisations around DNS hijacking activity and gives advice on ways the risks can be mitigated.. Report at


Guidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing

isc.sans.edu/diary/rss/25130 This type of scanning looking for vulnerable BIND server is nothing new and has been ongoing for pretty much the past 20 years. Checking what might be exploitable, the last BIND advisory was released less than a month ago [1] and is remotely exploitable.

Galileo Service Degraded On All Satellites Until Further Notice

archive.is/06GxM Our source inside the European GNSS Agency (GSA), which is the EU agency responsible for Galileo services, has told us They are working on it. Teams from industry and the Agencies are working 24/7 to restore the Galileo services as soon as possible to their nominal levels. The current estimation is that the services should be restored within 48 hours. In any case, we expect the service to be again nominal before the end of the weekend [13-14 July 201. Also https://www.gsc-europa.eu/notice-advisory-to-galileo-users-nagu-2019026

Loputon taistelu: Aina kun Niinisalossa on sotaharjoitus, Kankaanpään kaupungin palomuuriin kohdistuu poikkeuksellisen paljon kyberhyökkäyksiä https://www.iltalehti.fi/kotimaa/a/dbbdf78b-6b3e-4026-b823-2063aec1944c Jo viikkoa ennen sotaharjoitusten alkua ja niiden aikana kaupungin palomuuriin kohdistuu huomattavasti kovempaa painetta kuin normaalitilanteessa. Vastaavanlaisia havaintoja on tehty myös muissa varuskuntakaupungeissa, kertoo [tietohallintopäällikkö] Ehto. “Uskoisin, että hyökkäyksillä yritetään saada tietoa esimerkiksi vedenkulutuksesta tai sähkönkäytöstä. Mistä tahansa, mikä voisi liittyä varuskuntaan.”

Tikkakoski-tietovuoto: Kuka möhläsi, kuka valehteli ja kumpi on vakavampaa?

seura.fi/tolkun-henkilo/tikkakoski-tietovuoto-kuka-mohlasi-kuka-valehteli-ja-kumpi-on-vakavampaa/ Tolkun Henkilö kuuli salaisten viranomaistietojen jakeluun ja käsittelyyn perehtyneiltä asiantuntijoilta yhtä uskottavasti, että tässä tapauksessa vuoto on saattanut olla inhimillinen vahinko.

Threatlist: 68% of Overwhelmed IT Managers Cant Keep Up with Cyberattacks

threatpost.com/overwhelmed-it-managers-cyberattacks/146450/ Thats according to a research report The Impossible Puzzle of Cybersecurity, released Friday. In a survey of 3,100 IT managers across 12 countries (at organizations with 100 to 5,000 employees), two out of three of them said their organizations (68 percent) suffered a cyberattack in 2018, despite efforts to prevent them. This, despite the fact that a full 26 percent of ITS time, on average, is spent on cybersecurity issues.. report at


China Internet Report reveals how tech firms have gone from copycats to trailblazers

www.scmp.com/tech/apps-social/article/3018026/chinese-internet-firms-are-no-longer-copycats-heres-how-china Another key trend for China technology this year revolves around Chinas ambitions to lead in next-generation 5G technology networks. China currently holds the most number of 5G patents, and has 5G pilot projects going in over a dozen cities with a total population of 167 million, according to the report.. Report at

multimedia.scmp.com/infographics/china-internet/pdf/china_internet_report_2019.pdf. (The report was authored by the South China Morning Post)

You might be interested in …

Daily NCSC-FI news followup 2019-09-05

FunkyBot: A New Android Malware Family Targeting Japan www.fortinet.com/blog/threat-research/funkybot-malware-targets-japan.html Last year, FortiGuard Labs identified a malware campaign targeting Japanese users. The campaign impersonated a logistics company and deployed an Android malware called FakeSpy. We have been monitoring these actors and the phishing websites they created, and recently we noticed that they have started deploying a […]

Read More

Daily NCSC-FI news followup 2019-12-21

170m passwords stolen in September Zynga hack www.theguardian.com/games/2019/dec/19/170m-passwords-stolen-in-zynga-words-with-friends-hack-monitor-says Words With Friends company admitted hack in September but size only now revealed Siemens Contractor Jailed for Sabotage With Logic Bombs www.bleepingcomputer.com/news/security/siemens-contractor-jailed-for-sabotage-with-logic-bombs/ While his spreadsheets worked without flaw for years, starting in 2014 they suddenly began randomly crashing and glitching because of the logic bombs he inserted […]

Read More

Daily NCSC-FI news followup 2020-11-16

Verkkorikolliset yrittävät nyt kiristää varastetulla datalla tuplasti Yhä useampi raportoi, ettei tietoja ole palautettu lunnaiden maksun jälkeen www.kauppalehti.fi/uutiset/verkkorikolliset-yrittavat-nyt-kiristaa-varastetulla-datalla-tuplasti-yha-useampi-raportoi-ettei-tietoja-ole-palautettu-lunnaiden-maksun-jalkeen/5d70090b-104d-4950-a751-0… Esimerkiksi Revil-kiristysohjelmaa käyttäneet hakkerit olivat lähestyneet uhreja uudelleen viikkoja sen jälkeen, kun lunnaat oli vastaanotettu. Kun uhri saa lunnaat maksettuaan salausavaimen, sitä ei voida häneltä ottaa pois. Varastettujen tietojen avulla rikolliset sen sijaan voivat palata toiseen maksuun […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.