Daily NCSC-FI news followup 2019-08-12

Nasty New Malware Waits Until You Visit A Pornsite, Then Starts Recording

www.forbes.com/sites/zakdoffman/2019/08/11/nasty-new-malware-waits-until-you-visit-a-pornsite-then-starts-recording/#120b21d7568d At the end of last week, ESET’s security researchers disclosed the discovery of a new strain of malware that takes the trend for sextortion to a new level. Varenyky, as the malware was named by its finders, monitors the activity on infected computers, watching until a pornographic website is visited, and then starts recording the screen.

Malware Naming Hell Part 1: Taming the mess of AV detection names

www.gdatasoftware.com/blog/2019/08/35146-taming-the-mess-of-av-detection-names Everyone who deals with malware will know this: Malware names are a convoluted mess. AV scanners will show different detection names for the same file. This confusion is also reflected in media coverage. Is there a way out of this mess?

Evaluating the NSA’s Telephony Metadata Program

www.schneier.com/blog/archives/2019/08/evaluating_the_1.html The telephony metadata program which was authorized under Section 215 of the PATRIOT Act, remains one of the most controversial programs launched by the U.S. Intelligence Community (IC) in the wake of the 9/11 attacks.

Canon DSLR Cameras Can Be Hacked With Ransomware Remotely

thehackernews.com/2019/08/dslr-camera-hacking.html In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and videos hostage until victims pay a ransom.

Porin opetusverkkoon kohdistetun tietomurron ongelmat selvitetty

yle.fi/uutiset/3-10918474 Porin kaupunkiin kohdistetun tietomurron aiheuttamat ongelmat on saatu korjattua. Tietomurto kohdistui opetusverkkoon, joka on saatu rakennettua takaisin käyttökuntoon.

Check Points SandBlast Protects Israeli Bank Customers from Smishing Campaign

blog.checkpoint.com/2019/08/12/check-points-sandblast-protects-israeli-bank-customers-from-smishing-campaign/ Recently a new smishing (SMS phishing) attack targeted users in Israel. In a smishing campaign, attackers send SMS messages from supposedly legitimate organizations. These messages try to persuade you to download what turns out to be a malicious app, provide private information like bank account or credit card details, or click a link which leads to a malicious URL.

Recent Cloud Atlas activity

securelist.com/recent-cloud-atlas-activity/92016/ Also known as Inception, Cloud Atlas is an actor that has a long history of cyber-espionage operations targeting industries and governmental entities. From the beginning of 2019 until July, we have been able to identify different spear-phishing campaigns related to this threat actor mostly focused on Russia, Central Asia and regions of Ukraine with ongoing military conflicts.

You might be interested in …

Daily NCSC-FI news followup 2019-10-24

Some ICS Security Incidents Resulted in Injury, Loss of Life: Survey www.securityweek.com/some-ics-security-incidents-resulted-injury-loss-life-survey Some of the recent cybersecurity incidents involving industrial control systems (ICS) have resulted in injury and even loss of life, according to a survey conducted by Control Systems Cyber Security Association International (CS2AI). Cyber chief: The IoT could provide a model for improved […]

Read More

Daily NCSC-FI news followup 2021-01-18

Suomen elintarvikehuolto harjoittelee poikkeustilannetta varten www.is.fi/digitoday/art-2000007747319.html Suomen elintarvikehuollon toimijat harjoittelevat tällä viikolla poikkeustilanteita varten. Huoltovarmuuskeskuksen digipoolin järjestämässä kolmipäiväisessä harjoituksessa valmistaudutaan toimintaan kyberhäiriötilanteessa. Huomenna alkavassa harjoituksessa on mukana elintarviketeollisuuden, kaupan ja jakelun, öljynjakelun, logistiikan ja liikenteen sekä vesihuollon toimijoita. Paino on huoltoketjun osien yhteistoiminnassa ja elintarvikehuollon toiminnassa poikkeustilanteessa. Kyseessä on osa laajempaa Tieto20-harjoituskokonaisuutta, joka alkoi helmikuussa […]

Read More

Daily NCSC-FI news followup 2020-03-02

Active Scans for Apache Tomcat Ghostcat Vulnerability Detected, Patch Now www.bleepingcomputer.com/news/security/active-scans-for-apache-tomcat-ghostcat-vulnerability-detected-patch-now/ Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend.. As cyber threat intelligence firm Bad Packets said on Saturday, “mass scanning activity targeting this vulnerability has already begun. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.