Daily NCSC-FI news followup 2019-09-15

Attack Landscape H1 2019: IoT, SMB traffic abound

blog.f-secure.com/attack-landscape-h1-2019-iot-smb-traffic-abound/ To no ones surprise, internet of things (IoT) device insecurity has emerged as a top concern and top driver of internet attack traffic in the first half of 2019. According to our new report, Attack Landscape H1 2019, which details traffic measured by F-Secures global network of honeypots, the number of attack events measured from January through June was twelve times higher when compared with the same period in 2018, an increase largely driven b. [PDF]

s3-eu-central-1.amazonaws.com/evermade-fsecure-assets/wp-content/uploads/2019/09/12093807/2019_attack_landscape_report.pdf

The New Target That Enables Ransomware Hackers to Paralyze Dozens of Towns and Businesses at Once

www.propublica.org/article/the-new-target-that-enables-ransomware-hackers-to-paralyze-dozens-of-towns-and-businesses-at-once Cybercriminals are zeroing in on the managed service providers that handle computer systems for local governments and medical clinics.

Thrip: Ambitious Attacks Against High Level Targets Continue

www.symantec.com/blogs/threat-intelligence/thrip-apt-south-east-asia One of the most alarming discoveries we made in our original Thrip research was that the group had targeted a satellite communications operator and seemed to be interested in the operational side of the company, looking for and infecting computers running software that monitored and controlled satellites. Significantly, Thrip has continued to target organizations in the satellite communications sector, with evidence of activity dating to as recently a

Daily NCSC-FI news followup 2020-04-27

Ciscon USC-laitteet ovat vaarassa tuhoutua omin päin, mikäli ylläpitäjät eivät tilannetta ratkaise www.tivi.fi/uutiset/tv/be4dd0ae-92ab-4e18-8e9b-9d3a04adacb9 The Register kertoo, että 23:ssa Ciscon USC-malliston palvelimessa on ikävä vika. Ne nimittäin ottavat ja itsetuhoutuvat, kun niiden käyttöaika yltää 40 000 tuntiin. “Jos ssd-levy yltää 40 000 käyttötuntiin asti, levy muuttuu täysin käyttökelvottomaksi ja se on vaihdettava”, Cisco varoittaa asiakkaitaan. Lue […]

Daily NCSC-FI news followup 2020-11-15

Podcast: KRP:llä kova vaihe päällä Vastaamo-tutkinnassa “Etsimme sieltä valtavasta datamassasta niitä jälkiä” www.is.fi/digitoday/tietoturva/art-2000007620372.html Me halusimme turvata esitutkinnan alkutoimet ja myös teimme kaikkemme sen eteen, että sitä tietokantaa ei julkaistaisi ja että me saisimme sen mahdollisesti takaisin, tutkinnanjohtaja, rikoskomisario Marko Leponen sanoo keskusrikospoliisin Kuulusteluhuone-nimisessä podcastissa. Podcast: cms.megaphone.fm/channel/JKSO4493460300?selected=JKSO5346679437. Podcastin sisältö tekstinä: www.poliisi.fi/instancedata/prime_product_julkaisu/intermin/embeds/poliisiwwwstructure/94651_Kuulusteluhuone-podcastin_erikoisjakso_-_Vastaamo_litterointi_.pdf?4e5ccbcdcd87d888 CISA Publishes 2020 Chemical Security […]

Daily NCSC-FI news followup 2019-10-17

Security researcher publishes proof-of-concept code for recent Android zero-day www.zdnet.com/article/security-researcher-publishes-proof-of-concept-code-for-recent-android-zero-day/ Qu1ckR00t app can root an Android device using the CVE-2019-2215 zero-day. Operation Ghost: The Dukes arent back they never left www.welivesecurity.com/2019/10/17/operation-ghost-dukes-never-left/ ESET researchers describe recent activity of the infamous espionage group, the Dukes, including three new malware families. We believe Operation Ghost started in 2013 […]