Daily NCSC-FI news followup 2019-10-11

Hakkeriryhmä testasi Jyväskylän yliopiston tietoturvaa

www.jyu.fi/fi/ajankohtaista/arkisto/2019/10/hakkeriryhma-testasi-jyvaskylan-yliopiston-tietoturvaa Useiden Jyväskylän yliopiston tietojärjestelmien tietoturvaa testattiin syyskuussa normaalista poikkeavalla tavalla, kun valkohattuhakkeriryhmä Team ROT etsi niistä tietoturvaongelmia toteuttamassaan tietoturvatestauksessa.. Tietoturvatestaus toteutettiin viikonlopun aikana niin, että se haittasi mahdollisimman vähän yliopiston normaalia toimintaa. Testaajilla ei ollut fyysistä pääsyä yliopiston järjestelmiin, vaan yhteys niihin muodostettiin etäältä avoimen verkon kautta juuri niin kuin kyberrikollisetkin tekisivät.. Tietoturvatestaus osoittautui yliopiston kannalta hyödylliseksi. Team ROT löysi testattaviksi valituista järjestelmistä haavoittuvuuksia, joihin on nyt reagoitu, ja samalla yliopiston tietoturvan taso on parantunut. Yhteistyö Team ROT:n kanssa sujui hyvin, ja myös valtaosa testattavien järjestelmien ylläpitäjistä ja toimittajista suhtautui uudenlaiseen lähestymistapaan myönteisesti.

macOS users targeted with new Tarmac malware

www.zdnet.com/article/macos-users-targeted-with-new-tarmac-malware/ Tarmac malware deployed via malvertising campaigns across the US, Italy, and Japan.

Iran-Linked Charming Kitten Touts New Spearphishing Tactics

threatpost.com/iran-linked-charming-kitten-touts-new-spearphishing-tactics/149109/ A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trumps 2020 re-election campaign.

vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach

threatpost.com/vbulletin-flaw-dutch-sex-work-forum-breach/149100/ A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum data that researchers say could be used for blackmail.

Windows 10 1703 is Now End of Service, No More Security Updates

www.bleepingcomputer.com/news/microsoft/windows-10-1703-is-now-end-of-service-no-more-security-updates/ Windows 10 version 1703, otherwise known as the Creators Update, has now reached end of service and will no longer receive any future security or quality updates.

Imperva blames data breach on stolen AWS API key

www.zdnet.com/article/imperva-blames-data-breach-on-stolen-aws-api-key/ Imperva said it accidentally exposed an internal server from where a hacker stole an AWS API key.

Feds arrest alleged members of international ATM skimmer ring

www.zdnet.com/article/feds-arrest-alleged-members-of-international-atm-skimmer-ring/ Prosecutors say the ATM scheme is responsible for the theft of at least $20 million.

Nemty Ransomware Decryptor Released, Recover Files for Free

www.bleepingcomputer.com/news/security/nemty-ransomware-decryptor-released-recover-files-for-free/ Victims of the Nemty Ransomware finally have something to be happy about as researchers have released a decryptor that allows them to recover files for free.

Magecart is back: hotels in the firing line

www.pandasecurity.com/mediacenter/news/magecart-hotels/ In September, two hotel chains were discovered to have been affected by a Magecart campaign. In this campaign, the skimming code was injected into the mobile websites of the two chains in a supply chain attack on a provider.. In both cases, the provider was Roomleader, a Barcelona-based company that provides digital marketing and web development services.. whitepaper


Cryptomining Crook Steals Game Developers Identity to Carry Out Dirty Work

threatpost.com/cryptomining-crook-steals-game-developers-identity/149099/ An alleged fraudster built a vast web of AWS cloud accounts, becoming the platforms biggest consumer of data resources.

You might be interested in …

Daily NCSC-FI news followup 2019-08-14

In the Balkans, businesses are under fire from a doublebarreled weapon www.welivesecurity.com/2019/08/14/balkans-businesses-double-barreled-weapon/ Weve discovered an ongoing campaign in the Balkans spreading two tools having a similar purpose: a backdoor and a remote access trojan we named, respectively, BalkanDoor and BalkanRAT August Patch Tuesday: Update Fixes Wormable Flaws in Remote Desktop Services, VBScript Gets Disabled by […]

Read More

Daily NCSC-FI news followup 2020-09-11

New cyberattacks targeting U.S. elections blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/ In recent weeks, Microsoft has detected cyberattacks targeting people and organizations involved in the upcoming presidential election, including unsuccessful attacks on people associated with both the Trump and Biden campaigns, as detailed below.. Strontium, operating from Russia, has attacked more than 200 organizations including political campaigns, advocacy groups, parties […]

Read More

Daily NCSC-FI news followup 2019-07-03

Facebook says its working to resolve outages across Instagram, WhatsApp, and Messenger www.theverge.com/2019/7/3/20681050/facebook-picture-stories-outage-instagram-whatsapp-messenger Facebook has had problems loading images, videos, and other data across its apps today, leaving some people unable to load photos in the Facebook News Feed, view stories on Instagram, or send messages in WhatsApp. Facebook says it is aware of the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.