Daily NCSC-FI news followup 2019-10-11

Hacker group tested the information security of the University of Jyväskylä

www.jyu.fi/fi/ajankohtaista/arkisto/2019/10/hakkeriryhma-testasi-jyvaskylan-yliopiston-tietoturvaa The security of several University of Jyväskylä information systems was tested in September in an unusual way, when the white-hat hacker group Team ROT searched them for security problems in a security test it carried out. The security testing was carried out over a weekend so that it disrupted the university's normal operations as little as possible. The testers had no physical access to the university's systems; instead, they connected to them remotely over the open network, just as cybercriminals would. The security testing proved useful for the university. Team ROT found vulnerabilities in the systems selected for testing, which have now been addressed, and the university's level of information security has improved as a result. Cooperation with Team ROT went well, and the majority of the administrators and vendors of the tested systems also took a positive view of the new approach.

macOS users targeted with new Tarmac malware

www.zdnet.com/article/macos-users-targeted-with-new-tarmac-malware/ Tarmac malware deployed via malvertising campaigns across the US, Italy, and Japan.

Iran-Linked Charming Kitten Touts New Spearphishing Tactics

threatpost.com/iran-linked-charming-kitten-touts-new-spearphishing-tactics/149109/ A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trump's 2020 re-election campaign.

vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach

threatpost.com/vbulletin-flaw-dutch-sex-work-forum-breach/149100/ A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum, data that researchers say could be used for blackmail.

Windows 10 1703 is Now End of Service, No More Security Updates

www.bleepingcomputer.com/news/microsoft/windows-10-1703-is-now-end-of-service-no-more-security-updates/ Windows 10 version 1703, otherwise known as the Creators Update, has now reached end of service and will no longer receive any future security or quality updates.

Imperva blames data breach on stolen AWS API key

www.zdnet.com/article/imperva-blames-data-breach-on-stolen-aws-api-key/ Imperva said it accidentally exposed an internal server from where a hacker stole an AWS API key.

Feds arrest alleged members of international ATM skimmer ring

www.zdnet.com/article/feds-arrest-alleged-members-of-international-atm-skimmer-ring/ Prosecutors say the ATM scheme is responsible for the theft of at least $20 million.

Nemty Ransomware Decryptor Released, Recover Files for Free

www.bleepingcomputer.com/news/security/nemty-ransomware-decryptor-released-recover-files-for-free/ Victims of the Nemty Ransomware finally have something to be happy about as researchers have released a decryptor that allows them to recover files for free.

Magecart is back: hotels in the firing line

www.pandasecurity.com/mediacenter/news/magecart-hotels/ In September, two hotel chains were discovered to have been affected by a Magecart campaign. In this campaign, the skimming code was injected into the mobile websites of the two chains in a supply chain attack on a provider. In both cases, the provider was Roomleader, a Barcelona-based company that provides digital marketing and web development services.

Whitepaper: www.pandasecurity.com/mediacenter/src/uploads/2016/04/Hotel_Hijackers-en.pdf

Cryptomining Crook Steals Game Developer's Identity to Carry Out Dirty Work

threatpost.com/cryptomining-crook-steals-game-developers-identity/149099/ An alleged fraudster built a vast web of AWS cloud accounts, becoming the platform's biggest consumer of data resources.
