Daily NCSC-FI news followup 2019-10-14

Laajamittainen häiriö Nesteen IT-järjestelmissä

www.neste.com/fi/tiedotteet-ja-uutiset/laajamittainen-hairio-nesteen-it-jarjestelmissa Nesteen IT-järjestelmissä on havaittu laajamittainen häiriö. Häiriö vaikuttaa Nesteen Suomen ja Baltian toimintoihin laajasti prosessi-, säiliö- ja terminaalialueella, ja aiheuttaa viivästyksiä tuotejakelussa. Häiriön syytä tutkitaan parhaillaan yhteistyössä palveluntarjoajien kanssa.

Connecting the dots: Exposing the arsenal and methods of the Winnti Group

www.welivesecurity.com/2019/10/14/connecting-dots-exposing-arsenal-methods-winnti/ New ESET white paper released describing updates to the malware arsenal and campaigns of this group known for its supply-chain attacks. full report


Valtionhallinnon tietoliikenneyhteydet takkuilivat maanantaiaamuna Vika vaikutti noin kymmenen organisaation yhteyksiin

yle.fi/uutiset/3-11018866 Häiriö johtui viikonloppuna tehdyistä huoltotöistä.

Iranian Hackers Create Credible Phishing to Steal Library Access

www.bleepingcomputer.com/news/security/iranian-hackers-create-credible-phishing-to-steal-library-access/ The Silent Librarian threat group is constantly updating its tactics and techniques, to the point of using on its login phishing pages info and alerts that is accurate and relevant to potential victims.. Security researchers track this group under different names (TA407, Cobalt Dickes, Mabna Institute). They all agree on its connection with the Iranian government and that its purpose is to steal intellectual property from universities across the globe.

Apple Under Fire Over Sending Some Users Browsing Data to China’s Tencent

thehackernews.com/2019/10/apple-safari-safebrowsing-tencent.html Late last week, it was widely revealed that starting from at least iOS 12.2, Apple silently integrated the “Tencent Safe Browsing” service to power its “Fraudulent Website Warning” feature in the Safari web browser for both iOS and macOS.. see also


Huijarit ottivat kohteekseen pienten elokuvateattereiden asiakkaat viesteillä luvataan halpoja lippuja

yle.fi/uutiset/3-11019578 Viestejä on lähetetty ainakin Helsingin Orionin, Tampereen Arthouse Cinema Niagaran ja Järvenpään Studio 123:n nimissä.

Mikko Hyppönen: Teemme parhaillaan virhettä, jonka vuoksi lapsemme vielä vihaavat meitä

www.is.fi/digitoday/tietoturva/art-2000006269566.html F-Securen tutkimusjohtaja vertaa esineiden internetiä asbestipommiin, jonka jättimäiset haitat tajuttiin vasta isolla viiveellä.

McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service Follow The Money

securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-follow-the-money/ This is the third installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi and its connections to GandCrab, the most prolific Ransomware-as-a-Service (RaaS) Campaign of 2018 and mid 2019.

Microsoft Defender ‘Tamper Protection’ reaches general availability

www.zdnet.com/article/microsoft-defender-tamper-protection-reaches-general-availability/ Tamper Protection prevents malware from disabling Windows Defender features.

Google announces new USB-C Titan Security Key

www.zdnet.com/article/google-announces-new-usb-c-titan-security-key/ The latest version of the second-factor security key is compatible with Android, Chrome OS, macOS, and Windows devices

Factoring 2048-bit Numbers Using 20 Million Qubits

www.schneier.com/blog/archives/2019/10/factoring_2048-.html This theoretical paper shows how to factor 2048-bit RSA moduli with a 20-million qubit quantum computer in eight hours. It’s interesting work, but I don’t want overstate the risk.

You might be interested in …

Daily NCSC-FI news followup 2020-03-25

Updated protection for Microsoft Office 365 www.kaspersky.com/blog/office-365-protection-update/34412/ In the context of the coronavirus pandemic, there is a growing need to protect collaborative software. We updated Kaspersky Security for Microsoft Office 365 and extended the free license period to six months. US Government Sites Give Bad Security Advice krebsonsecurity.com/2020/03/us-government-sites-give-bad-security-advice/ Many U.S. government Web sites now carry […]

Read More

Daily NCSC-FI news followup 2019-09-13

Israel accused of planting mysterious spy devices near the White House www.politico.com/story/2019/09/12/israel-white-house-spying-devices-1491351 The U.S. government concluded within the past two years that Israel was most likely behind the placement of cellphone surveillance devices that were found near the White House and other sensitive locations around Washington, according to three former senior U.S. officials with knowledge […]

Read More

Daily NCSC-FI news followup 2020-11-24

TA416 Goes to Ground and Returns with a Golang PlugX Malware Loader www.proofpoint.com/us/blog/threat-insight/ta416-goes-ground-and-returns-golang-plugx-malware-loader Following the Chinese National Day holiday in September, Proofpoint researchers observed a resumption of activity by the APT actor TA416. Historic campaigns by this actor have also been publicly attributed to Mustang Panda and RedDelta. This new activity appears to be a […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.