Daily NCSC-FI news followup 2019-10-11

Hakkeriryhmä testasi Jyväskylän yliopiston tietoturvaa

www.jyu.fi/fi/ajankohtaista/arkisto/2019/10/hakkeriryhma-testasi-jyvaskylan-yliopiston-tietoturvaa Useiden Jyväskylän yliopiston tietojärjestelmien tietoturvaa testattiin syyskuussa normaalista poikkeavalla tavalla, kun valkohattuhakkeriryhmä Team ROT etsi niistä tietoturvaongelmia toteuttamassaan tietoturvatestauksessa.. Tietoturvatestaus toteutettiin viikonlopun aikana niin, että se haittasi mahdollisimman vähän yliopiston normaalia toimintaa. Testaajilla ei ollut fyysistä pääsyä yliopiston järjestelmiin, vaan yhteys niihin muodostettiin etäältä avoimen verkon kautta juuri niin kuin kyberrikollisetkin tekisivät.. Tietoturvatestaus osoittautui yliopiston kannalta hyödylliseksi. Team ROT löysi testattaviksi valituista järjestelmistä haavoittuvuuksia, joihin on nyt reagoitu, ja samalla yliopiston tietoturvan taso on parantunut. Yhteistyö Team ROT:n kanssa sujui hyvin, ja myös valtaosa testattavien järjestelmien ylläpitäjistä ja toimittajista suhtautui uudenlaiseen lähestymistapaan myönteisesti.

macOS users targeted with new Tarmac malware

www.zdnet.com/article/macos-users-targeted-with-new-tarmac-malware/ Tarmac malware deployed via malvertising campaigns across the US, Italy, and Japan.

Iran-Linked Charming Kitten Touts New Spearphishing Tactics

threatpost.com/iran-linked-charming-kitten-touts-new-spearphishing-tactics/149109/ A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trumps 2020 re-election campaign.

vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach

threatpost.com/vbulletin-flaw-dutch-sex-work-forum-breach/149100/ A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum data that researchers say could be used for blackmail.

Windows 10 1703 is Now End of Service, No More Security Updates

www.bleepingcomputer.com/news/microsoft/windows-10-1703-is-now-end-of-service-no-more-security-updates/ Windows 10 version 1703, otherwise known as the Creators Update, has now reached end of service and will no longer receive any future security or quality updates.

Imperva blames data breach on stolen AWS API key

www.zdnet.com/article/imperva-blames-data-breach-on-stolen-aws-api-key/ Imperva said it accidentally exposed an internal server from where a hacker stole an AWS API key.

Feds arrest alleged members of international ATM skimmer ring

www.zdnet.com/article/feds-arrest-alleged-members-of-international-atm-skimmer-ring/ Prosecutors say the ATM scheme is responsible for the theft of at least $20 million.

Nemty Ransomware Decryptor Released, Recover Files for Free

www.bleepingcomputer.com/news/security/nemty-ransomware-decryptor-released-recover-files-for-free/ Victims of the Nemty Ransomware finally have something to be happy about as researchers have released a decryptor that allows them to recover files for free.

Magecart is back: hotels in the firing line

www.pandasecurity.com/mediacenter/news/magecart-hotels/ In September, two hotel chains were discovered to have been affected by a Magecart campaign. In this campaign, the skimming code was injected into the mobile websites of the two chains in a supply chain attack on a provider.. In both cases, the provider was Roomleader, a Barcelona-based company that provides digital marketing and web development services.. whitepaper

www.pandasecurity.com/mediacenter/src/uploads/2016/04/Hotel_Hijackers-en.pdf

Cryptomining Crook Steals Game Developers Identity to Carry Out Dirty Work

threatpost.com/cryptomining-crook-steals-game-developers-identity/149099/ An alleged fraudster built a vast web of AWS cloud accounts, becoming the platforms biggest consumer of data resources.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.