Daily NCSC-FI news followup 2019-11-10

Tällaisilla viesteillä suomalaisilta yrityksiltä kalastellaan rahaa katso, olisitko itse haksahtanut

yle.fi/uutiset/3-11026269?origin=rss Tässä jutussa näet esimerkkejä aidoista työpaikoille tulevista huijausviesteistä.

The state of JavaScript frameworks security report 2019

snyk.io/wp-content/uploads/snyk-javascript_report_2019.pdf A security review of Angular and React with a sneak peek into Vue.js, Bootstrap and jQuery. Also

www.i-programmer.info/news/167-javascript/13232-the-perils-of-jquery.html. ” Although the JavaScript library jQuery is no longer as popular as it was, it is still widely used. As a result at least six in ten websites are impacted by jQuery XSS vulnerabilities. “

5G-teknologia tulee myös viranomaisten avuksi saako taivaalta droonikuvaa suorana?

yle.fi/uutiset/3-11060861?origin=rs Oulun yliopiston vetämä Priority-projekti tutkii ja kehittää viranomaisille ja etäyrityksille suunnattuja toiminnan kannalta kriittisiä viestintäratkaisuja. Mukana tutkimuskonsortiossa on tutkimuslaitoksia (Centria- ja Turun ammattikorkeakoulut), VTT, viranomaisia (mm. Puolustusvoimat ja pelastustoimi) sekä yrityksiä.

Miten hakkeri tekee tiedustelua?

www.jyu.fi/fi/ajankohtaista/arkisto/2019/10/miten-hakkeri-tekee-tiedustelua Team ROT -valkohattuhakkerikollektiivin Iiro Uusitalo esittelee hakkereiden käyttämiä tiedustelumenetelmiä, joilla hakkerit selvittävät etukäteen reittejä hyökkäyksen kohteena oleviin tietojärjestelmiin.

You might be interested in …

Daily NCSC-FI news followup 2021-04-05

Supply chain attacks: what we know about the SolarWinds Sunburst’ exploit, and why it still matters blog.checkpoint.com/2021/04/05/supply-chain-attacks-what-we-know-about-the-solarwinds-sunburst-exploit-and-why-it-still-matters/ In a press conference, more than 2 months after the incident, the U.S. deputy national security advisor said that investigators were still in the “beginning stages” of understanding the scope and scale of the attack. What makes the […]

Read More

Daily NCSC-FI news followup 2020-02-28

RSAC 2020: Ransomware a National Crisis, CISA Says, Ramps ICS Focus threatpost.com/ransomware-national-crisis-cisa-ics/153322/ Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) this year especially as ransomware looms as a main threat to the sector going forward.. Thats according to Christopher […]

Read More

Daily NCSC-FI news followup 2020-05-30

List of well-known web sites that port scan their visitors www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/ Last weekend, news heavily circulated that eBay.com was port scanning visitors’ computers when they browsed their site. To see what other sites may be using this script, BleepingComputer reached out to DomainTools, a cybersecurity company specializing in web domain and DNS threat intelligence. Of […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.