Daily NCSC-FI news followup 2019-10-18

KRP suspects: Criminal ring acquired Finnish personal identity codes and bank accounts as if on an assembly line in an international fraud series

yle.fi/uutiset/3-11026054 According to KRP, the damages caused to the injured parties in the case under investigation total approximately 725,000 euros.

APT trends report Q3 2019

securelist.com/apt-trends-report-q3-2019/94530/

UK government has revealed it is working with chip-maker Arm on a £36m initiative to make more secure processors.

www.infosecurity-magazine.com/news/uk-government-announces/ See also www.cl.cam.ac.uk/research/security/ctsrd/cheri/

US Girl Scouts Launch First National Cybersecurity Challenge

www.infosecurity-magazine.com/news/us-girl-scouts-launch/ See also www.girlscouts.org/en/for-girls/cyber-challenge.html

Guarding against supply chain attacks - Part 1: The big picture

www.microsoft.com/security/blog/2019/10/16/guarding-against-supply-chain-attacks-part-1-big-picture/

Microsoft's 4 principles for an effective security operations center

www.microsoft.com/security/blog/2019/10/15/microsoft-4-principals-effective-security-operations-center/

Stay Calm, Your Incident Response Is Ready

securityintelligence.com/articles/stay-calm-your-incident-response-is-ready/

Smart Meters - The Spanish Scenario and the Telemanagement System.

www.tarlogic.com/en/blog/smart-meters-spanish-scenario-telemanagement/ In accordance with Order IRC /3860/2007 of the 28th of December, all electricity meters supplied with a contracted power of up to 15 kW should have been replaced by equipment which allows time-based pricing and remote management by the 31st of December 2018.

A Review of Cybersecurity Incidents in the Water Sector - a good start but with technical issues

www.controlglobal.com/blogs/unfettered/a-review-of-cybersecurity-incidents-in-the-water-sector-a-good-start-but-with-technical-issues/ See also:

www.researchgate.net/publication/335753106_A_Review_of_Cybersecurity_Incidents_in_the_Water_Sector

Tibetan Groups Targeted with 1-Click Mobile Exploits

citizenlab.ca/2019/09/poison-carp-tibetan-groups-targeted-with-1-click-mobile-exploits/

Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise

threatpost.com/critical-linux-wi-fi-bug-system-compromise/149325/

Free decrypter released for STOP ransomware, today’s most popular ransomware strain

www.zdnet.com/article/free-decrypter-released-for-stop-ransomware-todays-most-popular-ransomware-strain/ The decrypter can unlock 148 of the 160 variants of the STOP ransomware.

Germany’s BSI tested Firefox, Chrome, IE, and Edge. Firefox was the only browser to pass all minimum requirements for mandatory security features.

www.zdnet.com/article/germanys-cyber-security-agency-recommends-firefox-as-most-secure-browser/

Inspired by gitrob, my new tool shhgit will watch this real-time stream and pull out any accidentally committed secrets.

darkport.co.uk/blog/ahh-shhgit!/

Using open source products to prevent common passwords from being used

www.vdalabs.com/2019/10/17/password-security/

Yubico security keys can now be used to log into Windows computers

www.zdnet.com/article/yubico-security-keys-can-now-be-used-to-log-into-windows-computers/

RDP Honeypot: How attackers take over vulnerable servers and pivot onwards

www.wilbursecurity.com/2019/10/rdp-honeypotting/

Docker Enterprise has become the first container platform to complete the Security Technical Implementation Guides (STIG) certification process.

www.docker.com/blog/docker-enterprise-first-disa-stig-container-platform/ The Security Technical Implementation Guides (STIGs) are the configuration standards for DOD IA and IA-enabled devices/systems. The STIGs contain technical guidance to lock down information systems/software that might otherwise be vulnerable to a malicious computer attack. See also public.cyber.mil/stigs/downloads/. See also Katakri.

IBM 2019 Cost of a Data Breach Report

www.ibm.com/security/data-breach Average total cost of a data breach USD 3.92 million. Average size of a data breach 25,575 records.

Recruitment Sites Expose Personal Data of 250k Jobseekers

www.infosecurity-magazine.com/news/personal-data-of-200k-jobseekers/ Applicants’ data was exposed when both companies set the privacy settings on their buckets to public instead of private. This error meant that the resume of someone who applied for a job could be viewed and also downloaded by anyone who knew the location of the buckets.

Italy is experiencing a rash of ransomware attacks that play dark German rock music [Rammstein] while encrypting victims’ files.

www.infosecurity-magazine.com/news/italians-rocked-by-ransomware/

Rogue Mobile App Fraud Soars 191% in 2019

www.infosecurity-magazine.com/news/rogue-mobile-app-fraud-soars-191/ There were also significant increases in detections of financial malware (up 80%) and social media attacks (37%).

Fake Photo Beautification Apps on Google Play can Read SMS Verification Code to Trigger Wireless Application Protocol (WAP)/Carrier Billing

blog.trendmicro.com/trendlabs-security-intelligence/fake-photo-beautification-apps-on-google-play-can-read-sms-verification-code-to-trigger-wireless-application-protocol-wap-carrier-billing/

Maze Ransomware Now Delivered by Spelevo Exploit Kit

www.bleepingcomputer.com/news/security/maze-ransomware-now-delivered-by-spelevo-exploit-kit/

REvil Ransomware Affiliates Partner with Corporate Intruders

www.bleepingcomputer.com/news/security/revil-ransomware-affiliates-partner-with-corporate-intruders/

NCSC-UK: Mass credential harvesting phishing campaign active in the UK

www.ncsc.gov.uk/news/mass-credential-harvesting-phishing-campaign-active-uk

An audit of Mississippi government institutions has revealed an alarming lack of compliance with standard cybersecurity practices and with the state’s own enterprise security program.

www.infosecurity-magazine.com/news/mississippi-disregards/ A survey of 125 state agencies, boards, commissions, and universities conducted by the Office of the State Auditor (OSA) revealed that only 53 had a cybersecurity policy in place. Eleven reported having no security policy or disaster recovery plan whatsoever.

Android version of Chrome 77 gets Site Isolation to thwart side-channel attacks

www.theregister.co.uk/2019/10/18/chrome_solitary_confinement/

Hacking 20 high-profile dev accounts could compromise half of the npm ecosystem

www.zdnet.com/article/hacking-20-high-profile-dev-accounts-could-compromise-half-of-the-npm-ecosystem/ 391 highly influential maintainers affect more than 10,000 packages. It only takes access to 20 popular npm maintainer accounts to deploy malicious code impacting more than half of the npm ecosystem.

Outage: Multifactor authentication issue hitting North American Azure, Office 365 users

www.zdnet.com/article/multifactor-authentication-issue-hitting-north-american-azure-office-365-users/
