Daily NCSC-FI news followup 2019-10-23

NCSC-UK Annual Review 2019

www.ncsc.gov.uk/news/annual-review-2019 Single-page version PDF:


Virus Bulletin conference 2019: Papers on Emotet and Ryuk

www.virusbulletin.com/blog/2019/10/vb2019-papers-emotet-and-ryuk/ Targeted ransomware has become one of the biggest and most damaging cybercrime trends in recent years. ‘Targeted’ is a bit of a misnomer though: the operators of the ransomware rarely choose the victim organisations. Instead, they have the organisations ‘chosen’ through an infection with another piece of malware that is then used as a foothold for the ransomware. Quite often, this malware is Emotet, which made a spectacular comeback in September. The ransomware is deployed often through a second malware family like Trickbot. Various ransomware families are making use of this scheme to be installed on high-value networks, with Ryuk being one of the most prominent.

Eksote's information security failed: hundreds of people's data was at risk of exposure because of a leak, in the worst case

esaimaa.fi/uutiset/lahella/d33b098d-05af-454d-a230-1c72957481f5 outsiders may have been able to read private information since spring 2018

Spanish Police Arrest Three in 10-million EUR BEC Bust

www.infosecurity-magazine.com/news/spanish-police-arrest-three-in-10m/ They are said to have run a complex network of 83 fake companies and 185 bank accounts designed to launder the funds. Money was moved frequently between these to put investigators off the scent. So far, Spanish police have only been able to recover 1.3m of the total 10.7m stolen. The FBI estimates that $1.3bn was lost to BEC scams last year.

Amazon Web Services’ DNS systems knackered by hours-long cyber-attack


10% of Small Businesses Breached Shut Down in 2019

www.darkreading.com/operations/10–of-small-businesses-breached-shut-down-in-2019/d/d-id/1336156 As a result of cybercrime, 69% of small organizations were forced offline for a limited time and 37% experienced financial loss. 25% filed for bankruptcy. Source survey:


Office 365 Adds Malware ZAP Toggle to Security & Compliance Center

www.bleepingcomputer.com/news/security/office-365-adds-malware-zap-toggle-to-security-and-compliance-center/ Microsoft’s developers are adding a new malware Zero-hour Auto Purge (ZAP) toggle to the Office 365 Security & Compliance Center to allow configuration without using a PowerShell cmdlet. ZAP comes with all Office 365 subscriptions that have an Exchange Online mailbox and is available with the default Exchange Online Protection.

Huawei: Easier to bribe telco staff than build backdoors

www.zdnet.com/article/huawei-easier-to-bribe-telco-staff-then-build-backdoors/ It requires so much effort to build backdoors into networking equipment that work across different global communications networks and system configurations that it likely is easier and more effective to bribe a telco executive, says Huawei’s chief cybersecurity officer.

‘No such thing’ as cyber warfare: Australia’s head of cyber warfare

www.zdnet.com/article/no-such-thing-as-cyber-warfare-australias-head-of-cyber-warfare/ Warfare is warfare, espionage is internationally normal, and cyber is just one of a suite of potential capabilities for a military response, says Major General Marcus Thompson.

Simplify and cooperate to beat back the cybercrime wave

www.zdnet.com/article/simplify-and-cooperate-to-beat-back-the-cyber-crime-wave/ Complexity, recent data breaches, and perceived urgency are creating opportunities for online criminals. One approach businesses take is to invoke a zero trust policy where no user or device is considered to be safe.

How Can Airlines Protect Their Customers and Data From Evolving Cyberthreats?


What Has Cybersecurity Pros So Stressed — And Why It’s Everyone’s Problem

www.darkreading.com/edge/theedge/what-has-cybersecurity-pros-so-stressed—-and-why-its-everyones-problem/b/d-id/1336146 According to a 2018 study published by ISC(2), more than 84% of cybersecurity professionals said they were either open to new job opportunities or already planned on pursuing a new opportunity that year. 63% of respondents said they wanted to work at an organization where their opinions on the existing security posture were taken seriously.

Google Claims a Quantum Breakthrough That Could Change Computing


Quantum supremacy from Google? Not so fast, says IBM.


$35B face data class action lawsuit against Facebook will proceed

techcrunch.com/2019/10/18/facebook-35-billion-lawsuit/ Facebook could face $1,000 to $5,000 in penalties per user for 7 million people, which could sum to a maximum of $35 billion.

Chrome 78 arrives with new APIs, dark mode improvements on Android and iOS

venturebeat.com/2019/10/22/google-chrome-78/ Google spent at least $58,500 in bug bounties for this release.

End-of-life Fujitsu Wireless Keyboard Plagued By Unpatched Flaws

threatpost.com/fujitsu-wireless-keyboard-unpatched-flaws/149477/ Two high-severity vulnerabilities in a Fujitsu wireless keyboard expose passwords and allow keystroke injection attacks.

Firefox, Chrome Bugs Allow Arbitrary Code-Execution

threatpost.com/critical-firefox-bugs-arbitrary-code-execution/149455/ Multiple critical memory safety bugs in Firefox 69 and Firefox ESR 68.1 in particular affect medium and large government entities and enterprises.
