Daily NCSC-FI news followup 2019-11-22

Yli 200 kuntaa ja julkista organisaatiota harjoittelee toimintaa kyberhyökkäystilanteessa

yle.fi/uutiset/3-11081256 Väestörekisterikeskuksen Taisto19-harjoituksessa hakkeriryhmä vaatii organisaatiolta lunnaita ja toteuttaa kyberhyökkäyssarjan.

Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison

thehackernews.com/2019/11/lisov-neverquest-russian-hacker.html A Russian hacker who created and used Neverquest banking malware to steal money from victims’ bank accounts has finally been sentenced to 4 years in prison by the United States District Court for the Southern District of New York.

T-Mobile Suffers Data Breach Affecting Prepaid Wireless Customers

thehackernews.com/2019/11/t-mobile-prepaid-data-breach.html The US-based telecom giant T-Mobile today disclosed a yet another data breach incident that recently exposed potentially personal information of some of the customers using its prepaid services.

Iran on yhä taitavampi sulkemaan yhteydet ulkomaailmaan Netin katkaiseminen on yleistyvä keino levottomuuksien tukahduttamiseksi

yle.fi/uutiset/3-11081324 Iranin internet-yhteydet ulkomaailmaan ovat olleet katkaistuina tai ainakin osittain poissa pian jo viikon ajan. Hallinto pani yhteydet poikki, kun kansa alkoi protestoida bensan hinnan korotusta vastaan ja yhteenotot muuttuivat verisiksi.

Telian matkapuhelinverkon häiriö korjattu yhteydet toimivat jälleen normaalisti

yle.fi/uutiset/3-11082143 Telian matkapuhelinverkossa oli laaja häiriö perjantaina.

ENISA draws Threat Landscape of 5G Networks

www.enisa.europa.eu/news/enisa-news/enisa-draws-threat-landscape-of-5g-networks/ ENISA, the European Union Agency for Cybersecurity publishes a Threat Landscape for 5G Networks, assessing the threats related to the fifth generation of mobile telecommunications networks (5G).

Edenred on joutunut haittaohjelman kohteeksi

edenred.fi/fi/edenred-on-joutunut-haittaohjelman-kohteeksi/ Edenredin tietojärjestelmiin hyökättiin eilen, marraskuun 21. päivänä. Tutkimme parhaillaan hyökkäyksen laajuutta. Tällä hetkellä työntekijämme eivät pääse työkoneilleen eikä järjestelmiimme. Asiakaspalvelumme on myös suljettu, mutta asiakastukiosiostamme löytyy vastauksia yleisimpiin kysymyksiin

Personal And Social Information Of 1.2 Billion People Discovered In Massive Data Leak

www.dataviper.io/blog/2019/pdl-data-exposure-billion-people/ On October 16, 2019 Bob Diachenko and Vinny Troia discovered a wide-open Elasticsearch server containing an unprecedented 4 billion user accounts spanning more than 4 terabytes of data. A total count of unique people across all data sets reached more than 1.2 billion people, making this one of the largest data leaks from a single source organization in history.

You might be interested in …

Daily NCSC-FI news followup 2021-08-07

Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/ Threat actors are now actively scanning for the Microsoft Exchange ProxyShell remote code execution vulnerabilities after technical details were released at the Black Hat conference. ProxyShell is the name for three vulnerabilities that perform unauthenticated, remote code execution on Microsoft Exchange servers when chained together. […]

Read More

Daily NCSC-FI news followup 2020-05-22

Ragnar Locker ransomware deploys virtual machine to dodge security news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/ A new ransomware attack method takes defense evasion to a new leveldeploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine.. […]

Read More

Daily NCSC-FI news followup 2020-07-17

Iranian Spies Accidentally Leaked Videos of Themselves Hacking www.wired.com/story/iran-apt35-hacking-video/ IBM’s X-Force security team obtained five hours of APT35 hacking operations, showing exactly how the group steals data from email accountsand who it’s targeting. Read also: thehackernews.com/2020/07/iranian-hacking-training-videos.html, arstechnica.com/information-technology/2020/07/iran-state-hackers-caught-with-their-pants-down-in-intercepted-videos/ and securityintelligence.com/posts/new-research-exposes-iranian-threat-group-operations/ Can the exfiltration of personal data by web trackers be stopped? freedom-to-tinker.com/2020/07/14/can-the-exfiltration-of-personal-data-by-web-trackers-be-stopped/ In a series of […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.