Daily NCSC-FI news followup 2019-10-11

Hakkeriryhmä testasi Jyväskylän yliopiston tietoturvaa

www.jyu.fi/fi/ajankohtaista/arkisto/2019/10/hakkeriryhma-testasi-jyvaskylan-yliopiston-tietoturvaa Useiden Jyväskylän yliopiston tietojärjestelmien tietoturvaa testattiin syyskuussa normaalista poikkeavalla tavalla, kun valkohattuhakkeriryhmä Team ROT etsi niistä tietoturvaongelmia toteuttamassaan tietoturvatestauksessa.. Tietoturvatestaus toteutettiin viikonlopun aikana niin, että se haittasi mahdollisimman vähän yliopiston normaalia toimintaa. Testaajilla ei ollut fyysistä pääsyä yliopiston järjestelmiin, vaan yhteys niihin muodostettiin etäältä avoimen verkon kautta juuri niin kuin kyberrikollisetkin tekisivät.. Tietoturvatestaus osoittautui yliopiston kannalta hyödylliseksi. Team ROT löysi testattaviksi valituista järjestelmistä haavoittuvuuksia, joihin on nyt reagoitu, ja samalla yliopiston tietoturvan taso on parantunut. Yhteistyö Team ROT:n kanssa sujui hyvin, ja myös valtaosa testattavien järjestelmien ylläpitäjistä ja toimittajista suhtautui uudenlaiseen lähestymistapaan myönteisesti.

macOS users targeted with new Tarmac malware

www.zdnet.com/article/macos-users-targeted-with-new-tarmac-malware/ Tarmac malware deployed via malvertising campaigns across the US, Italy, and Japan.

Iran-Linked Charming Kitten Touts New Spearphishing Tactics

threatpost.com/iran-linked-charming-kitten-touts-new-spearphishing-tactics/149109/ A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trumps 2020 re-election campaign.

vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach

threatpost.com/vbulletin-flaw-dutch-sex-work-forum-breach/149100/ A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum data that researchers say could be used for blackmail.

Windows 10 1703 is Now End of Service, No More Security Updates

www.bleepingcomputer.com/news/microsoft/windows-10-1703-is-now-end-of-service-no-more-security-updates/ Windows 10 version 1703, otherwise known as the Creators Update, has now reached end of service and will no longer receive any future security or quality updates.

Imperva blames data breach on stolen AWS API key

www.zdnet.com/article/imperva-blames-data-breach-on-stolen-aws-api-key/ Imperva said it accidentally exposed an internal server from where a hacker stole an AWS API key.

Feds arrest alleged members of international ATM skimmer ring

www.zdnet.com/article/feds-arrest-alleged-members-of-international-atm-skimmer-ring/ Prosecutors say the ATM scheme is responsible for the theft of at least $20 million.

Nemty Ransomware Decryptor Released, Recover Files for Free

www.bleepingcomputer.com/news/security/nemty-ransomware-decryptor-released-recover-files-for-free/ Victims of the Nemty Ransomware finally have something to be happy about as researchers have released a decryptor that allows them to recover files for free.

Magecart is back: hotels in the firing line

www.pandasecurity.com/mediacenter/news/magecart-hotels/ In September, two hotel chains were discovered to have been affected by a Magecart campaign. In this campaign, the skimming code was injected into the mobile websites of the two chains in a supply chain attack on a provider.. In both cases, the provider was Roomleader, a Barcelona-based company that provides digital marketing and web development services.. whitepaper

www.pandasecurity.com/mediacenter/src/uploads/2016/04/Hotel_Hijackers-en.pdf

Cryptomining Crook Steals Game Developers Identity to Carry Out Dirty Work

threatpost.com/cryptomining-crook-steals-game-developers-identity/149099/ An alleged fraudster built a vast web of AWS cloud accounts, becoming the platforms biggest consumer of data resources.

You might be interested in …

Daily NCSC-FI news followup 2019-12-29

UK Government exposes addresses of new year honours recipients www.theguardian.com/uk-news/2019/dec/28/government-exposes-addresses-of-new-year-honours-recipients More than 1,000 celebrities, government employees and politicians recognized in the U.K.’s traditional New Year’s Honours list this year “have had their home and work addresses posted on a government website.” IoT vendor Wyze confirms server leak www.zdnet.com/article/iot-vendor-wyze-confirms-server-leak/ Wyze, a company that sells smart devices […]

Read More

Daily NCSC-FI news followup 2019-08-11

Over 40 Windows Hardware Drivers Vulnerable To Privilege Escalation www.bleepingcomputer.com/news/security/over-40-windows-hardware-drivers-vulnerable-to-privilege-escalation/ Researchers analyzing the security of legitimate device drivers found that more than 40 from at least 20 hardware vendors can be abused to achieve privilege escalation. The vendors affected include every major BIOS vendor and big names in the computer hardware business like ASUS, Toshiba, […]

Read More

Daily NCSC-FI news followup 2020-08-06

Australia’s 2020 Cyber Security Strategy www.pm.gov.au/media/australias-2020-cyber-security-strategy The Morrison Governments 2020 Cyber Security Strategy outlines how we will keep Australian families and businesses secure online, protect and strengthen the security and resilience of Australias critical infrastructure and ensure law enforcement agencies have the powers and technical capabilities to detect, target, investigate and disrupt cybercrime, including on […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.