Daily NCSC-FI news followup 2019-10-14

Laajamittainen häiriö Nesteen IT-järjestelmissä

www.neste.com/fi/tiedotteet-ja-uutiset/laajamittainen-hairio-nesteen-it-jarjestelmissa Nesteen IT-järjestelmissä on havaittu laajamittainen häiriö. Häiriö vaikuttaa Nesteen Suomen ja Baltian toimintoihin laajasti prosessi-, säiliö- ja terminaalialueella, ja aiheuttaa viivästyksiä tuotejakelussa. Häiriön syytä tutkitaan parhaillaan yhteistyössä palveluntarjoajien kanssa.

Connecting the dots: Exposing the arsenal and methods of the Winnti Group

www.welivesecurity.com/2019/10/14/connecting-dots-exposing-arsenal-methods-winnti/ New ESET white paper released describing updates to the malware arsenal and campaigns of this group known for its supply-chain attacks. full report


Valtionhallinnon tietoliikenneyhteydet takkuilivat maanantaiaamuna Vika vaikutti noin kymmenen organisaation yhteyksiin

yle.fi/uutiset/3-11018866 Häiriö johtui viikonloppuna tehdyistä huoltotöistä.

Iranian Hackers Create Credible Phishing to Steal Library Access

www.bleepingcomputer.com/news/security/iranian-hackers-create-credible-phishing-to-steal-library-access/ The Silent Librarian threat group is constantly updating its tactics and techniques, to the point of using on its login phishing pages info and alerts that is accurate and relevant to potential victims.. Security researchers track this group under different names (TA407, Cobalt Dickes, Mabna Institute). They all agree on its connection with the Iranian government and that its purpose is to steal intellectual property from universities across the globe.

Apple Under Fire Over Sending Some Users Browsing Data to China’s Tencent

thehackernews.com/2019/10/apple-safari-safebrowsing-tencent.html Late last week, it was widely revealed that starting from at least iOS 12.2, Apple silently integrated the “Tencent Safe Browsing” service to power its “Fraudulent Website Warning” feature in the Safari web browser for both iOS and macOS.. see also


Huijarit ottivat kohteekseen pienten elokuvateattereiden asiakkaat viesteillä luvataan halpoja lippuja

yle.fi/uutiset/3-11019578 Viestejä on lähetetty ainakin Helsingin Orionin, Tampereen Arthouse Cinema Niagaran ja Järvenpään Studio 123:n nimissä.

Mikko Hyppönen: Teemme parhaillaan virhettä, jonka vuoksi lapsemme vielä vihaavat meitä

www.is.fi/digitoday/tietoturva/art-2000006269566.html F-Securen tutkimusjohtaja vertaa esineiden internetiä asbestipommiin, jonka jättimäiset haitat tajuttiin vasta isolla viiveellä.

McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service Follow The Money

securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-follow-the-money/ This is the third installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi and its connections to GandCrab, the most prolific Ransomware-as-a-Service (RaaS) Campaign of 2018 and mid 2019.

Microsoft Defender ‘Tamper Protection’ reaches general availability

www.zdnet.com/article/microsoft-defender-tamper-protection-reaches-general-availability/ Tamper Protection prevents malware from disabling Windows Defender features.

Google announces new USB-C Titan Security Key

www.zdnet.com/article/google-announces-new-usb-c-titan-security-key/ The latest version of the second-factor security key is compatible with Android, Chrome OS, macOS, and Windows devices

Factoring 2048-bit Numbers Using 20 Million Qubits

www.schneier.com/blog/archives/2019/10/factoring_2048-.html This theoretical paper shows how to factor 2048-bit RSA moduli with a 20-million qubit quantum computer in eight hours. It’s interesting work, but I don’t want overstate the risk.

You might be interested in …

Daily NCSC-FI news followup 2020-06-17

Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies www.welivesecurity.com/2020/06/17/operation-interception-aerospace-military-companies-cyberspies/ At the end of last year, we discovered targeted attacks against aerospace and military companies in Europe and the Middle East, active from September to December 2019. A collaborative investigation with two of the affected European companies allowed us to gain insight into […]

Read More

Daily NCSC-FI news followup 2020-05-30

List of well-known web sites that port scan their visitors www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/ Last weekend, news heavily circulated that eBay.com was port scanning visitors’ computers when they browsed their site. To see what other sites may be using this script, BleepingComputer reached out to DomainTools, a cybersecurity company specializing in web domain and DNS threat intelligence. Of […]

Read More

Daily NCSC-FI news followup 2019-08-15

Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows thehackernews.com/2019/08/ctfmon-windows-vulnerabilities.html A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back from Windows XP to the latest Windows 10. Microsoft warns of new BlueKeeplike flaws www.welivesecurity.com/2019/08/15/microsoft-warning-wormable-flaws/ Microsoft issued fixes for four critical vulnerabilities in […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.