Daily NCSC-FI news followup 2019-10-22

Google and Amazon smart speakers can be used for spying and data harvesting through malicious apps.

www.is.fi/digitoday/art-2000006281649.html In a video they published, the researchers demonstrate one possible snooping method. A malicious app disguised as a horoscope app first announces that the horoscope could not be read and goes silent. Instead of shutting down, however, the app stays running.

3 Key Questions to Help Address Enterprise IoT Security Risks

securityintelligence.com/posts/3-key-questions-to-help-address-enterprise-iot-security-risks/ Armis estimated that by 2021, up to 90 percent of enterprise devices will be unagentable. Similarly, by 2021, 20 percent of all cyberattacks will be executed through IoT.

Japanese hotel chain sorry that hackers may have watched guests through bedside robots

www.theregister.co.uk/2019/10/22/japanese_hotel_chain_sorry_that_bedside_robots_may_have_watched_guests/ Several weeks ago a security researcher revealed on Twitter that he had warned HIS Group in July about the bed-bots being easily accessible. Having heard nothing, the researcher made the hack public on 13 October. The vulnerability allows guests to gain access to cameras and microphones in the robot remotely so they could watch and listen to anyone in the room in the future.

Tech, security vendors form group to address operational technology cybersecurity risks

www.zdnet.com/article/tech-security-vendors-form-group-to-address-operational-technology-cybersecurity-risks/ Operational Technology Cyber Security Alliance (OTCSA) is designed to mitigate risk and assess business impact from cyberattacks on utilities, manufacturing and oil and gas industries and physical control devices. Initial members of the Operational Technology Cyber Security Alliance include ABB, Check Point Software, BlackBerry Cylance, Forescout, Fortinet, Microsoft, Mocana, NCC Group, Qualys, SCADAFence, Splunk and Wärtsilä.

Firefox 70 arrives with social tracking blocked by default, privacy report, and performance gains

venturebeat.com/2019/10/22/mozilla-firefox-70/ Mozilla today estimated that Firefox has blocked more than 450 billion tracking requests since July 2 (some 10 billion every day). While this mainly happens in the background, Mozilla wants to give Firefox users more visibility into how they're being tracked online.

In a First, FTC Bans Company From Selling Stalkerware

www.vice.com/en_us/article/7x5m5a/ftc-bans-retinax-from-selling-stalkerware Federal Trade Commission (FTC) announced it has barred a company — from selling any more apps that monitor mobile devices unless they take steps to ensure their software is only used for legitimate purposes.

American High School Hack Linked to Epic Water Fight

www.infosecurity-magazine.com/news/school-hack-linked-to-water-fight/ Students at a Pennsylvania high school are being questioned by police after allegedly hacking into a school website to gain a competitive edge in a high-stakes water gun fight. “The consequences for these young individuals [are] likely to be severe. Cyber-hacking is a federal crime, and we are working with the proper authorities to determine the appropriate discipline and legal ramifications,” wrote the district.

Thousands Warned Over UK ‘Home Group’ Data Breach

www.infosecurity-magazine.com/news/home-group-data-breach/ The Home Group, one of the biggest housing associations in the UK, has warned around 4000 customers that their personal details may have been stolen after the company suffered a data breach. The issue was resolved within 90 minutes, according to Home Group spokespeople.

Major German manufacturer, Pilz, still down a week after getting hit by ransomware

www.zdnet.com/article/major-german-manufacturer-still-down-a-week-after-getting-hit-by-ransomware/ Since Sunday, October 13, 2019, all servers and PC workstations, including the company’s communication, have been affected worldwide. BitPaymer’s authors engage in what’s called “big game hunting,” a term coined by Crowdstrike and which describes the act of going only after high-value targets — in the hopes of extracting a large ransom payment, instead of extorting home consumers for meager profits.

US Billing Provider Billtrust Suffers Outage After Malware Attack

www.bleepingcomputer.com/news/security/billing-provider-billtrust-suffers-outage-after-malware-attack/ While the company has not indicated the type of cyberattack, a source familiar with the matter told BleepingComputer that the company was affected by the BitPaymer ransomware.

Czech authorities dismantle alleged Russian cyber-espionage network

www.zdnet.com/article/czech-authorities-dismantle-alleged-russian-cyber-espionage-network/ Czech officials said the Russian spies had set up several hardware and software companies and were using their server infrastructure to launch cyber-attacks on the Czech Republic, but also EU and NATO allies. Besides BIS intelligence service, the Czech National Cyber and Information Security Agency (NUKIB) and the Czech Police’s National Organised Crime Centre (NCOZ) have also contributed to taking down the alleged Russian spy network last year.

Magecart group linked to Dridex banking Trojan, Carbanak

www.zdnet.com/article/magecart-group-linked-to-dridex-banking-trojan-carbanak/ On Tuesday, cybersecurity researchers from Malwarebytes said one of the Magecart groups that are currently active, assigned the name Magecart Group 5, appears to have connections to the Carbanak Advanced Persistence Threat (APT) gang. Magecart Group 5 has a “very different modus operandi” to others in the space, Malwarebytes says, as it tends to hone in on weaknesses in the supply chain and low-hanging fruit rather than directly assault its true targets.

ATTK of the Pwns: Trend Micro’s antivirus tools ‘will run malware – if its filename is cmd.exe’

www.theregister.co.uk/2019/10/21/flaw_trend_micro/ In short, the Trend software can be tricked into executing any old piece of software under the sun, including malware, when it is scanned, provided the filename is cmd.exe or regedit.exe. No, really.

How to Secure Wi-Fi and Improve Personal and Enterprise Security From Home

securityintelligence.com/articles/how-to-secure-wi-fi-and-improve-personal-and-enterprise-security-from-home/ Cybersecurity is much more than enabling antivirus software or deploying an email link scanning tool; it's a series of choices. Some choices open systems up to security incidents, while others can help prevent a data breach.

Risk management as the essential skill for a CISO

www.kaspersky.com/blog/ciso-2019/29014/ CISOs must above all be able to adequately assess risks and build information security systems perfectly adapted to their companies and business processes, rather than hyperfocus on incident protection.

How much security do you really need?

blogs.cisco.com/security/how-much-security-do-you-really-need According to our new report, “The Security Bottom Line,” no matter how large your budget is, you're not likely to feel that you have everything you need to effectively protect your environment from cyberattacks.

Aurora Insight emerges from stealth with $18M and a new take on measuring wireless spectrum

techcrunch.com/2019/10/22/aurora-insight-emerges-from-stealth-with-18m-and-a-new-take-on-measuring-wireless-spectrum/ Aurora Insight, a startup that provides a “dynamic” global map of wireless connectivity that it built and monitors in real time using AI combined with data from sensors on satellites, vehicles, buildings, aircraft and other objects, is emerging from stealth today with the launch of its first publicly-available product, a platform providing insights on wireless signal and quality covering a range of wireless spectrum bands, offered as a cloud-based, data-as-a-service product.

EU contracts with Microsoft raising serious data concerns, says watchdog

techcrunch.com/2019/10/21/eu-contracts-with-microsoft-raising-serious-data-concerns-says-watchdog/ Though the investigation is still ongoing, preliminary results reveal serious concerns over the compliance of the relevant contractual terms with data protection rules and the role of Microsoft as a processor for EU institutions using its products and services.

Facebook: Removing More Coordinated Inauthentic Behavior From Iran and Russia

newsroom.fb.com/news/2019/10/removing-more-coordinated-inauthentic-behavior-from-iran-and-russia/ Today, we removed four separate networks of accounts, Pages and Groups for engaging in coordinated inauthentic behavior on Facebook and Instagram. Three of them originated in Iran and one in Russia, and they targeted a number of different regions of the world: the US, North Africa and Latin America.

It Is Time to Outsource Your Passwords to an App

www.wired.com/story/time-to-outsource-your-passwords-app/ Your brain has better things to do than store secure passwords. Get a dedicated password manager to keep your login data synced and secure across all devices.

Trend Micro Tackles Cloud Misconfigurations with Latest Acquisition

www.infosecurity-magazine.com/news/trend-micro-cloud/ Trend Micro cited Gartner findings that by 2023, 99% of cloud security failures will be the customer's fault.

Bank of America’s CEO says that it’s saved $2 billion per year by ignoring Amazon and Microsoft and building its own cloud instead

www.businessinsider.com/bank-of-americas-350-million-internal-cloud-bet-striking-payoff-2019-10 CEO Brian Moynihan said the decision helped reduce the firm’s servers to 70,000 from 200,000 and its data centers to 23 from 60, and it has resulted in $2 billion in annual infrastructure savings.
