Daily NCSC-FI news followup 2019-07-14

Ongoing DNS hijacking and mitigation advice

www.ncsc.gov.uk/news/ongoing-dns-hijacking-and-mitigation-advice Since that alert was published we have observed further activity, with victims of DNS hijacking identified across multiple regions and sectors. This Advisory covers some of the risks for organisations around DNS hijacking activity and gives advice on ways the risks can be mitigated.. Report at


Guidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing

isc.sans.edu/diary/rss/25130 This type of scanning looking for vulnerable BIND server is nothing new and has been ongoing for pretty much the past 20 years. Checking what might be exploitable, the last BIND advisory was released less than a month ago [1] and is remotely exploitable.

Galileo Service Degraded On All Satellites Until Further Notice

archive.is/06GxM Our source inside the European GNSS Agency (GSA), which is the EU agency responsible for Galileo services, has told us They are working on it. Teams from industry and the Agencies are working 24/7 to restore the Galileo services as soon as possible to their nominal levels. The current estimation is that the services should be restored within 48 hours. In any case, we expect the service to be again nominal before the end of the weekend [13-14 July 201. Also https://www.gsc-europa.eu/notice-advisory-to-galileo-users-nagu-2019026

Loputon taistelu: Aina kun Niinisalossa on sotaharjoitus, Kankaanpään kaupungin palomuuriin kohdistuu poikkeuksellisen paljon kyberhyökkäyksiä https://www.iltalehti.fi/kotimaa/a/dbbdf78b-6b3e-4026-b823-2063aec1944c Jo viikkoa ennen sotaharjoitusten alkua ja niiden aikana kaupungin palomuuriin kohdistuu huomattavasti kovempaa painetta kuin normaalitilanteessa. Vastaavanlaisia havaintoja on tehty myös muissa varuskuntakaupungeissa, kertoo [tietohallintopäällikkö] Ehto. “Uskoisin, että hyökkäyksillä yritetään saada tietoa esimerkiksi vedenkulutuksesta tai sähkönkäytöstä. Mistä tahansa, mikä voisi liittyä varuskuntaan.”

Tikkakoski-tietovuoto: Kuka möhläsi, kuka valehteli ja kumpi on vakavampaa?

seura.fi/tolkun-henkilo/tikkakoski-tietovuoto-kuka-mohlasi-kuka-valehteli-ja-kumpi-on-vakavampaa/ Tolkun Henkilö kuuli salaisten viranomaistietojen jakeluun ja käsittelyyn perehtyneiltä asiantuntijoilta yhtä uskottavasti, että tässä tapauksessa vuoto on saattanut olla inhimillinen vahinko.

Threatlist: 68% of Overwhelmed IT Managers Cant Keep Up with Cyberattacks

threatpost.com/overwhelmed-it-managers-cyberattacks/146450/ Thats according to a research report The Impossible Puzzle of Cybersecurity, released Friday. In a survey of 3,100 IT managers across 12 countries (at organizations with 100 to 5,000 employees), two out of three of them said their organizations (68 percent) suffered a cyberattack in 2018, despite efforts to prevent them. This, despite the fact that a full 26 percent of ITS time, on average, is spent on cybersecurity issues.. report at


China Internet Report reveals how tech firms have gone from copycats to trailblazers

www.scmp.com/tech/apps-social/article/3018026/chinese-internet-firms-are-no-longer-copycats-heres-how-china Another key trend for China technology this year revolves around Chinas ambitions to lead in next-generation 5G technology networks. China currently holds the most number of 5G patents, and has 5G pilot projects going in over a dozen cities with a total population of 167 million, according to the report.. Report at

multimedia.scmp.com/infographics/china-internet/pdf/china_internet_report_2019.pdf. (The report was authored by the South China Morning Post)

You might be interested in …

Daily NCSC-FI news followup 2020-03-15

CovidLock: Mobile Coronavirus Tracking App Coughs Up Ransomware www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-up-ransomware Cybercriminals like to exploit people when they are at their most vulnerable. They use dramatic events that cause people to be emotional or fearful to drive their profits. Any time there are major news cycles happening on a topic that stirs a strong reaction, cybercriminals will […]

Read More

Daily NCSC-FI news followup 2019-08-13

Attackers could use this coding bug to turn BIG-IP load balancers against organizations blog.f-secure.com/command-injection-in-f5-irules/ During a routine security assessment, F-Secure Senior Security Consultant Christoffer Jerkeby discovered that an obscure coding bug could allow attackers to exploit F5 Networks popular BIG-IP load balancer. Further research found that, following a successful exploit, an adversary could turn the […]

Read More

Daily NCSC-FI news followup 2020-08-25

DDoS Hide & Seek: On the Effectiveness of a Booter Services Takedown labs.ripe.net/Members/daniel_kopp/ddos-hide-and-seek In this article, we investigated booter-based DDoS attacks in the wild and the impact of an FBI takedown targeting fifteen booter websites in December 2018. We investigated and compared attack properties of multiple booter services by launching DDoS attacks against our own […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.