Daily NCSC-FI news followup 2019-11-08

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it?

www.theregister.co.uk/2019/11/07/ubiquiti_networks_phone_home/ Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.. It all kicked off when the US-based manufacturer confirmed that a software update released this month programmed the devices to establish secure connections back to Ubiquiti servers and report information on Wi-Fi router performance and crashes.

Phones and PCs sold in Russia will have to come pre-installed with Russian apps

www.zdnet.com/article/phones-and-pcs-sold-in-russia-will-have-to-come-pre-installed-with-russian-apps/ The Russian Parliament is debating a bill that will force all electronic equipment sold in Russia — such as smartphones, computers, and smart TVs — to ship pre-installed with apps from Russian tech firms.

Pwn2Own Tokyo Roundup: Amazon Echo, Routers, Smart TVs Fall to Hackers

threatpost.com/pwn2own-tokyo-2019-amazon-echo-hackers/150033/ Overall, contestants in the Tokyo 2019 event earned more than $315,000 over the two-day hacking contest, for uncovering 18 different bugs in the various products. This encompassed new categories for Wi-Fi routers, televisions and smart-home/home automation products, including the pwning of an Amazon Echo. Three teams Team Fluoroacetate, F-Secure Labs and newcomers Team Flashback dominated

www.zdnet.com/article/microsofts-rust-experiments-are-going-well-but-some-features-are-missing/ In short, the experiments have gone well, and engineers described working with Rust as “generally positive;” however, some features are missing, but the company is willing to help and move the project forward..

msrc-blog.microsoft.com/2019/11/07/using-rust-in-windows/

New Study: Hospital Breaches Could Be Killing Patients

www.infosecurity-magazine.com/news/hospital-breaches-could-be-killing/ Researchers at Vanderbilt University and the University of Central Florida analyzed breach data for 3000 hospitals from 2012-2016 in an attempt to estimate the relationship between breach remediation efforts and care quality. Department of Health and Human Services (HHS) breach data and Medicare Compare’s public data on hospital care measures provided the data sources.. What they found was shocking: an increase in 30-day mortality rate for heart attacks that translated to 36 additional deaths per 10,000 heart attacks per year. Mortality rates apparently continued to rise for about three years after a breach before tapering off.

One mans mistake, missing backups and complete reboot: The tale of Europes Galileo satellites going dark

berthub.eu/articles/posts/state-of-galileo-and-accident/ It is indeed true that a presentation was held in Florida where details were shared with that audience, and by paying $24 we can download the presentation that was held there. From the slides, we learn that the outage stemmed from a failure in the system that determines the satellite orbits and clock parameters, which are normally uploaded to the satellites many times per day.. After the incident started, it took a while to determine what was going one before operations could be restarted, but by that time, the constellation had already drifted too far from a known state that the status of the orbits and clocks could be converged upon quickly. If the backup site had been live, it would have been a great place to restart from, since it presumably would have been in a . Also

www.theregister.co.uk/2019/11/08/galileo_satellites_outage/

You might be interested in …

Daily NCSC-FI news followup 2019-06-17

Bloomberg: Argentina Isnt Ruling Out a Cyberattack in Major Power Outage www.bloomberg.com/news/articles/2019-06-16/massive-power-failure-sweeps-across-argentina-and-uruguay Though a cyberattack isnt the primary hypothesis, it cant be ruled out, Argentine Energy Secretary Gustavo Lopetegui told reporters in Buenos Aires. A technical issue or simple humidity could have triggered the breakdown, said Carlos Garcia Pereira, head of Transener, Argentinas largest power-transmission […]

Read More

Daily NCSC-FI news followup 2020-10-26

Apua ja neuvoja tietovuodon uhreille tietovuotoapu.fi/fi/ Tietovuotoapu-sivustolta löydät kootusti viranomaisten ja avustusjärjestöjen ohjeita tietovuodon uhreille. Sivustoa päivitetään jatkuvasti. Mitä tehdä, jos törmää vuodettuun materiaaliin? Tietojen käsittelemisestä voi saada jopa vuoden vankeusrangaistuksen yle.fi/uutiset/3-11613689 Jos netissä törmää vuodettuun, haitalliseen sisältöön, siitä tulisi ilmoittaa Kyberturvallisuuskeskukseen tai poliisille. Moni miettii nyt, onko oma tietoturva ajan tasalla asiantuntija kertoo viisi […]

Read More

Daily NCSC-FI news followup 2020-11-17

Nordean tietomurrosta kahdelle vankeutta yhden syytteet hylättiin Pohjanmaan käräjäoikeudessa yle.fi/uutiset/3-11652084?origin=rss Rikokset ajoittuivat kesään 2019. Käräjäoikeus määräsi tiistaina tuomitut maksamaan pankille yhteensä yli 276 000 euroa vahingonkorvauksia. Delhin poliisi pidätti 17 ihmistä “Microsoftin palvelukeskuksesta” www.tivi.fi/uutiset/tv/79cbdf6d-9551-46b5-b6ff-06a378686a75 Poliisin antamien tietojen mukaan huijariporukka oli ehtinyt petkuttaa ihmisiä jo runsaan vuoden ajan. Uhrien määräksi kerrotaan 2268 ja saaliiksi runsaat 0, […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.