Daily NCSC-FI news followup 2019-08-25

Kiristyshaittaohjelmat pistävät kaupunkien sisun koetukselle ympäri Amerikkaa

www.nytimes.com/2019/08/22/us/ransomware-attacks-hacking.html

Android 10 julkaisu tulee korjaamaan melkein kaksisataa tietoturvaongelmaa.

www.forbes.com/sites/daveywinder/2019/08/23/android-10-google-confirms-193-security-vulnerabilities-need-fixing/

Hostinger: Jopa 14 miljoonaa asiakasta tietomurron uhrina. Salasanat vaihdettu turvatoimena.

www.hostinger.com/blog/security-incident-what-you-need-to-know/

Webmin liittyy Pulse Securen ja Fortigaten joukkoon, kun rikolliset aktiivisesti yrittävät hyväksikäyttää viimeaikaisia tietoturvahaavoittuvuuksia.

www.zdnet.com/article/hackers-mount-attacks-on-webmin-servers-pulse-secure-and-fortinet-vpns/

Tekninen analyysi APT34 (OilRig, CobaltGypsy) TwoFace webshell – -työkalusta.

www.emanueledelucia.net/a-dive-into-apt34-aka-oilrig-aka-cobalt-gypsy-twoface-webshell/

You might be interested in …

Daily NCSC-FI news followup 2020-10-09

We Hacked Apple for 3 Months: Here’s What We Found samcurry.net/hacking-apple/ There were a total of 55 vulnerabilities discovered with 11 critical severity, 29 high severity, 13 medium severity, and 2 low severity reports. As of now, October 8th, we have received 32 payments totaling $288, 500 for various vulnerabilities. However, it appears that Apple […]

Read More

Daily NCSC-FI news followup 2020-03-08

Data-Stealing FormBook Malware Preys on Coronavirus Fears www.bleepingcomputer.com/news/security/data-stealing-formbook-malware-preys-on-coronavirus-fears/ Another email campaign pretending to be Coronavirus (COVID-19) information from the World Health Organization (WHO) is distributing a malware downloader that installs the FormBook information-stealing Trojan. Hackers can clone millions of Toyota, Hyundai, and Kia keys arstechnica.com/cars/2020/03/hackers-can-clone-millions-of-toyota-hyundai-and-kia-keys/ Encryption flaws in common anti-theft feature expose vehicles from major […]

Read More

Daily NCSC-FI news followup 2021-03-19

Identifying suspicious credential usage www.ncsc.gov.uk/blog-post/identifying-suspicious-credential-usage How NCSC guidance can help organisations detect and protect themselves from credential abuse. Weekly Threat Report 19th March 2021 www.ncsc.gov.uk/report/weekly-threat-report-19th-march-2021 The NCSC’s weekly threat report is drawn from recent open source reporting. “Expert” hackers used 11 0-days to infect Windows, iOS, and Android users arstechnica.com/information-technology/2021/03/expert-hackers-used-11-zerodays-to-infect-windows-ios-and-android-users/ A team of advanced hackers […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.