Daily NCSC-FI news followup 2019-10-14

Large-scale disruption in Neste's IT systems

www.neste.com/fi/tiedotteet-ja-uutiset/laajamittainen-hairio-nesteen-it-jarjestelmissa A large-scale disruption has been detected in Neste's IT systems. The disruption broadly affects Neste's operations in Finland and the Baltics in the process, tank and terminal areas, and is causing delays in product distribution. The cause of the disruption is currently being investigated in cooperation with service providers.

Connecting the dots: Exposing the arsenal and methods of the Winnti Group

www.welivesecurity.com/2019/10/14/connecting-dots-exposing-arsenal-methods-winnti/ New ESET white paper released describing updates to the malware arsenal and campaigns of this group known for its supply-chain attacks.


Central government telecommunications connections faltered on Monday morning: fault affected the connections of about ten organisations

yle.fi/uutiset/3-11018866 The disruption was caused by maintenance work carried out over the weekend.

Iranian Hackers Create Credible Phishing to Steal Library Access

www.bleepingcomputer.com/news/security/iranian-hackers-create-credible-phishing-to-steal-library-access/ The Silent Librarian threat group is constantly updating its tactics and techniques, to the point of using on its login phishing pages info and alerts that are accurate and relevant to potential victims. Security researchers track this group under different names (TA407, Cobalt Dickes, Mabna Institute). They all agree on its connection with the Iranian government and that its purpose is to steal intellectual property from universities across the globe.

Apple Under Fire Over Sending Some Users Browsing Data to China’s Tencent

thehackernews.com/2019/10/apple-safari-safebrowsing-tencent.html Late last week, it was widely revealed that starting from at least iOS 12.2, Apple silently integrated the “Tencent Safe Browsing” service to power its “Fraudulent Website Warning” feature in the Safari web browser for both iOS and macOS.


Scammers target customers of small cinemas: messages promise cheap tickets

yle.fi/uutiset/3-11019578 Messages have been sent in the names of at least Orion in Helsinki, Arthouse Cinema Niagara in Tampere and Studio 123 in Järvenpää.

Mikko Hyppönen: We are currently making a mistake for which our children will yet hate us

www.is.fi/digitoday/tietoturva/art-2000006269566.html F-Secure's chief research officer compares the Internet of Things to an asbestos bomb whose enormous harms were realised only after a long delay.

McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service: Follow The Money

securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-follow-the-money/ This is the third installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi and its connections to GandCrab, the most prolific Ransomware-as-a-Service (RaaS) Campaign of 2018 and mid 2019.

Microsoft Defender ‘Tamper Protection’ reaches general availability

www.zdnet.com/article/microsoft-defender-tamper-protection-reaches-general-availability/ Tamper Protection prevents malware from disabling Windows Defender features.

Google announces new USB-C Titan Security Key

www.zdnet.com/article/google-announces-new-usb-c-titan-security-key/ The latest version of the second-factor security key is compatible with Android, Chrome OS, macOS, and Windows devices

Factoring 2048-bit Numbers Using 20 Million Qubits

www.schneier.com/blog/archives/2019/10/factoring_2048-.html This theoretical paper shows how to factor 2048-bit RSA moduli with a 20-million qubit quantum computer in eight hours. It’s interesting work, but I don’t want to overstate the risk.
