Daily NCSC-FI news followup 2019-10-18

KRP (National Bureau of Investigation) suspects: Criminal ring obtained Finnish personal identity codes and bank accounts as if on an assembly line in an international fraud series

yle.fi/uutiset/3-11026054 According to the KRP, the damages caused to the injured parties in the case under investigation have totalled approximately 725,000 euros.

APT trends report Q3 2019


UK government has revealed it is working with chip-maker Arm on a £36m initiative to make more secure processors.

www.infosecurity-magazine.com/news/uk-government-announces/ See also www.cl.cam.ac.uk/research/security/ctsrd/cheri/

US Girl Scouts Launch First National Cybersecurity Challenge

www.infosecurity-magazine.com/news/us-girl-scouts-launch/ See also www.girlscouts.org/en/for-girls/cyber-challenge.html

Guarding against supply chain attacks - Part 1: The big picture


Microsoft's 4 principles for an effective security operations center


Stay Calm, Your Incident Response Is Ready


Smart Meters - The Spanish Scenario and the Telemanagement System

www.tarlogic.com/en/blog/smart-meters-spanish-scenario-telemanagement/ In accordance with Order IRC /3860/2007 of the 28th of December, all electricity meters supplied with a contracted power of up to 15 kW should have been replaced by equipment which allows time-based pricing and remote management by the 31st of December 2018.

A Review of Cybersecurity Incidents in the Water Sector - a good start but with technical issues

www.controlglobal.com/blogs/unfettered/a-review-of-cybersecurity-incidents-in-the-water-sector-a-good-start-but-with-technical-issues/ See also:


Tibetan Groups Targeted with 1-Click Mobile Exploits


Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise


Free decrypter released for STOP ransomware, today’s most popular ransomware strain

www.zdnet.com/article/free-decrypter-released-for-stop-ransomware-todays-most-popular-ransomware-strain/ The decrypter can unlock 148 of the 160 variants of the STOP ransomware.

Germany’s BSI tested Firefox, Chrome, IE, and Edge. Firefox was only browser to pass all minimum requirements for mandatory security features.


Inspired by gitrob, my new tool shhgit will watch this real-time stream and pull out any accidentally committed secrets.


Using open source products to prevent common passwords from being used


Yubico security keys can now be used to log into Windows computers


RDP Honeypot: How attackers take over vulnerable servers and pivot onwards


Docker Enterprise has become the first container platform to complete the Security Technical Implementation Guides (STIG) certification process.

www.docker.com/blog/docker-enterprise-first-disa-stig-container-platform/ The Security Technical Implementation Guides (STIGs) are the configuration standards for DOD IA and IA-enabled devices/systems. The STIGs contain technical guidance to lock down information systems/software that might otherwise be vulnerable to a malicious computer attack. See also public.cyber.mil/stigs/downloads/. See also Katakri.

IBM 2019 Cost of a Data Breach Report

www.ibm.com/security/data-breach Average total cost of a data breach: USD 3.92 million. Average size of a data breach: 25,575 records.

Recruitment Sites Expose Personal Data of 250k Jobseekers

www.infosecurity-magazine.com/news/personal-data-of-200k-jobseekers/ Applicants’ data was exposed when both companies set the privacy settings on their buckets to public instead of private. This error meant that the resume of someone who applied for a job could be viewed and also downloaded by anyone who knew the location of the buckets.

Italy is experiencing a rash of ransomware attacks that play dark German rock music [Rammstein] while encrypting victims’ files.


Rogue Mobile App Fraud Soars 191% in 2019

www.infosecurity-magazine.com/news/rogue-mobile-app-fraud-soars-191/ There were also significant increases in detections of financial malware (up 80%) and social media attacks (37%).

Fake Photo Beautification Apps on Google Play can Read SMS Verification Code to Trigger Wireless Application Protocol (WAP)/Carrier Billing


Maze Ransomware Now Delivered by Spelevo Exploit Kit


REvil Ransomware Affiliates Partner with Corporate Intruders


NCSC-UK: Mass credential harvesting phishing campaign active in the UK


An audit of Mississippi government institutions has revealed an alarming lack of compliance with standard cybersecurity practices and with the state’s own enterprise security program.

www.infosecurity-magazine.com/news/mississippi-disregards/ A survey of 125 state agencies, boards, commissions, and universities conducted by the Office of the State Auditor (OSA) revealed that only 53 had a cybersecurity policy in place. Eleven reported having no security policy or disaster recovery plan whatsoever.

Android version of Chrome 77 gets Site Isolation to thwart side-channel attacks


Hacking 20 high-profile dev accounts could compromise half of the npm ecosystem

www.zdnet.com/article/hacking-20-high-profile-dev-accounts-could-compromise-half-of-the-npm-ecosystem/ 391 highly influential maintainers affect more than 10,000 packages. It only takes access to 20 popular npm maintainer accounts to deploy malicious code impacting more than half of the npm ecosystem.

Outage: Multifactor authentication issue hitting North American Azure, Office 365 users

