Daily NCSC-FI news followup 2019-11-17

Indian officials acknowledged on October 30th that a cyberattack occurred at the countrys Kudankulam nuclear power plant.

thebulletin.org/2019/11/lessons-from-the-cyberattack-on-indias-largest-nuclear-power-plant/ While reactor operations at Kudankulam were reportedly unaffected, this incident should serve as yet another wake-up call that the nuclear power industry needs to take cybersecurity more seriously.. The problem of cybersecurity is not new to the nuclear power industry, and it does not require solutions radically different from those already in place in fields such as finance and commercial aviation.. But last weeks example of a well-established nuclear power program responding to a breach with denial, obfuscation, and shopworn talk of so-called air-gaps demonstrates how dangerously little progress the industry has made to date.

Chrome, Edge, Safari hacked at elite Chinese hacking contest

www.zdnet.com/article/chrome-edge-safari-hacked-at-elite-chinese-hacking-contest/#ftag=RSSbaffb68 China’s top hackers have gathered this weekend in the city of Chengdu to compete in the Tianfu Cup, the country’s top hacking competition.. Over the course of two days — November 16 and 17 — Chinese security researchers will test zero-days against some of the world’s most popular applications.. The goal is to exploit and take over an app using never-before-seen vulnerabilities. If attacks succeed, researchers earn points towards an overall classification, cash prizes, but also the reputation that comes with winning a reputable hacking competition.

Essee: Kuka päättää, milloin tekoäly tappaa?

www.hs.fi/sunnuntai/art-2000006309661.html Keskustelussa tekoälyn sotilaskäytöstä on keskitytty vääriin uhkakuviin. Kyse ei ole tappajaroboteista vaan luottamuksen rapautumisesta, kirjoittaa turvallisuuspolitiikkaan erikoistunut toimittaja Kari Huhta.. Huom: Artikkeli maksumuurin takana

Gigantin sivuston tietoturva-aukko ehti olla auki kuukauden, sivustolta pääsi hakemaan henkilötietoja

www.hs.fi/kotimaa/art-2000006312024.html Gigantti-klubi-nimisen etuasiakkuuden rekisteröintisivulla pystyi hakemaan puhelinnumerolla tietokannasta ihmisten henkilötietoja. Kyseinen tietokanta on markkina- ja luottotietoyhtiö Bisnoden yhteystieto- ja henkilömarkkinointirekisteri.. Gigantin markkinointijohtaja Sami Särkelä kertoi HS:lle sunnuntaina, että rekisteröintisivun lomake on ollut käytössä noin kuukauden ajan.. Valitettavasti meille selvisi eilen lauantaina, että asiakastietolomakkeen koodissa oleva virhe on mahdollistanut sellaisten tietojen näkymisen, joka ei ole tietosuojan mukaista, Särkelä kertoi sähköpostitse. Hänen mukaansa järjestelmä on nyt suljettu, ja koodia korjataan parhaillaan.

You might be interested in …

Daily NCSC-FI news followup 2020-03-27

Best password managers for business in 2020: 1Password, Keeper, LastPass, and more www.zdnet.com/article/best-password-managers/ Everyone needs a password manager. Period, full stop. It’s the only possible way to maintain unique, hard-to-guess credentials for every secure site you, your family members, and your team access daily. Booz Allen analyzed 200+ Russian hacking operations to better understand their […]

Read More

Daily NCSC-FI news followup 2019-06-18

Microsoft Operating Systems BlueKeep Vulnerability www.us-cert.gov/ncas/alerts/AA19-168A BlueKeep (CVE-2019-0708) exists within the Remote Desktop Protocol (RDP) used by the Microsoft Windows OSs listed above. An attacker can exploit this vulnerability to perform remote code execution on an unprotected system. Russian Hacks on U.S. Voting System Wider Than Previously Known www.bloomberg.com/news/articles/2017-06-13/russian-breach-of-39-states-threatens-future-u-s-elections Russias cyberattack on the U.S. electoral […]

Read More

Daily NCSC-FI news followup 2019-10-29

Industrial equipment to come under fire at the world’s largest hacking contest www.zdnet.com/article/industrial-equipment-to-come-under-fire-at-the-worlds-largest-hacking-contest/ Pwn2Own hacking contest to feature ICS SCADA targets for the first time. The next Pwn2Own contest is set to take place at the S4 ICS security conference that will be held in Miami South Beach on January 21-23, 2020. Microsoft: Russian hackers […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.