Expand search form
Menu

Daily NCSC-FI news followup 2019-09-30

NCSC-FI News followup by News Bot Leave a Comment on Daily NCSC-FI news followup 2019-09-30

Uusi ja kallis hätäkeskusjärjestelmä kaatui, kun valtion verkkoa päivitettiin “Se on hävyttömän pitkä aika

www.iltalehti.fi/kotimaa/a/b2100812-f297-4a44-8b74-609719dda523 Uusi hätäkeskusjärjestelmä Erica on lakannut toimimasta valtion Valtorin turvallisuusverkon päivityskatkosten vuoksi.

Detecting and Preventing Emotet 2019 Campaign

media.cert.europa.eu/static/SecurityAdvisories/2019/CERT-EU-SA2019-021.pdf Since beginning of June 2019, the Emotet botnet stopped sending phishing emails to infect new victims. However, on August 22nd, 2019, the known Command-and-Control (CnC) servers started responding again. . ince September 16th, 2019, CERT-EU has been observing new phishing campaigns. To detect and prevent infection, CERT-EU analysed the behavior of those new versions of Emotet and hereby provides some recommendations for the SOC teams.

New Critical Exim Flaw Exposes Email Servers to Remote Attacks Patch Released

thehackernews.com/2019/09/exim-email-security-vulnerability.html A critical security vulnerability has been discovered and fixed in the popular open-source Exim email server software, which could allow a remote attacker to simply crash or potentially execute malicious code on targeted servers.

Malvertiser exploited two browser bugs to show over one billion malicious ads

www.zdnet.com/article/malvertiser-exploited-two-browser-bugs-to-show-over-one-billion-malicious-ads/ Over the past six months, a criminal group specialized in showing malicious ads (malvertising) has used two obscure browser bugs to bypass browser security protections and successfully show intrusive popup ads and redirect users to malicious sites.

New PDFex attack can exfiltrate data from encrypted PDF files

www.zdnet.com/article/new-pdfex-attack-can-exfiltrate-data-from-encrypted-pdf-files/ German academics have developed a new attack that can extract and steal data from encrypted PDF files, sometimes without user interaction. Named PDFex, the new attack comes in two variations and was successfully tested against 27 desktop and web PDF viewers.

News Bot

News Bot

NCSC-FI Daily news

You might be interested in …

Daily NCSC-FI news followup 2020-12-25

NCSC-FI News followup

SUNBURST Additional Technical Details www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html FireEye has discovered additional details about the SUNBURST backdoor since our initial publication on Dec. 13, 2020. Before diving into the technical depth of this malware, we recommend readers familiarize themselves with our blog post about the SolarWinds supply chain compromise, which revealed a global intrusion campaign by a sophisticated […]

Read More

Daily NCSC-FI news followup 2021-01-15

NCSC-FI News followup

Bitcoin-kiristäjä piinaa taas suomalaisia www.kauppalehti.fi/uutiset/bitcoin-kiristaja-piinaa-taas-suomalaisia-ala-maksa-masturbointilunnaita/a65ed063-b6b7-4ae9-93a8-4a4161d70b43 Verkkohuijarit ovat taas liikkeellä pornokiristyksinä tunnettujen huijausviestien kanssa. Huijarit väittävät tartuttaneensa haittaohjelman vastaanottajan koneelle tämän vierailtua aikuisviihdesivustolla. Katso myös Kyberturvallisuuskeskuksen uutinen aiheesta: www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kiristyshuijauksia-liikkeella-runsaasti-ala-usko-huijarien-vaitteita Signal down after getting flooded with new users www.bleepingcomputer.com/news/software/signal-down-after-getting-flooded-with-new-users/ Signal users are currently experiencing issues around the world, with users unable to send and receive messages. Ransomware […]

Read More

Daily NCSC-FI news followup 2019-11-04

NCSC-FI News followup

Chrome bug squashed, QNAP NAS nasty hits, BlueKeep malware spreads, and more www.theregister.co.uk/2019/11/04/security_roundup_november1/ Including Spanish camgirl sites spill info, domain registrars hacked Happy Birthday, CVE! Naked Security nationalcybersecurity.com/happy-birthday-cve-naked-security/ It was October 1999. Macs had just got embedded Wi-Fi, Napster had launched, and Yahoo had purchased Geocities for $3.6bn. Something else happened that escaped most computer […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close Menu