Daily NCSC-FI news followup 2019-11-23

FBI says hackers are targeting US auto industry

us.cnn.com/2019/11/20/politics/fbi-us-auto-industry-hackers/index.html The American automotive industry has been the target of malicious cyber actors since at least late 2018, according to an FBI report obtained by CNN.

Leaky Gekko Group database exposes info on hotel brands, travelers

www.scmagazine.com/home/security-news/data-breach/leaky-gekko-group-database-exposes-info-on-hotel-brands-travelers/ European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers.

Over 28,000 web domains suspended for criminal activity

www.zdnet.com/article/over-28000-web-domains-suspended-for-criminal-activity/ Over 28,000 .uk domain names were suspended in the last year over reports of criminal activity. Nominet, which is responsible for keeping the .uk internet infrastructure secure, can suspend domains following notification from the police or other law enforcement agencies that the domain is being used for criminal activity.

Dozens of Severe Flaws Found in 4 Popular Open Source VNC Software

thehackernews.com/2019/11/vnc-remote-software-hacking.html Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and most severe could allow remote attackers to compromise a targeted system.

OnePlus Suffers New Data Breach Impacting Its Online Store Customers

thehackernews.com/2019/11/oneplus-store-data-breach.html Chinese smartphone maker OnePlus has suffered a new data breach exposing personal and order information of an undisclosed number of its customers, likely, as a result of a vulnerability in its online store website.

Extensive hacking operation discovered in Kazakhstan

www.zdnet.com/article/extensive-hacking-operation-discovered-in-kazakhstan/#ftag=RSSbaffb68 Chinese cyber-security vendor Qihoo 360 published a report on Friday exposing an extensive hacking operation targeting the country of Kazakhstan.

TrickBot Trojan Getting Ready to Steal OpenSSH and OpenVPN Keys

www.bleepingcomputer.com/news/security/trickbot-trojan-getting-ready-to-steal-openssh-and-openvpn-keys/ The Trickbot banking trojan keeps evolving according to researchers who spotted this week an updated password grabber module that could be used to steal OpenSSH private keys and OpenVPN passwords and configuration files.

Clop Ransomware Tries to Disable Windows Defender

www.bleepingcomputer.com/news/security/clop-ransomware-tries-to-disable-windows-defender-malwarebytes/ In order to successfully encrypt a victim’s data, the Clop CryptoMix Ransomware is now attempting to disable Windows Defender as well as remove the Microsoft Security Essentials and Malwarebytes’ standalone Anti-Ransomware programs.

You might be interested in …

Daily NCSC-FI news followup 2019-12-23

Finnish government supports local authorities in cyber security initiative www.computerweekly.com/news/252475795/Finnish-government-supports-local-authorities-in-cyber-security-initiative Over 200 of Finlands 311 municipalities have joined the Local Government Anti Cyberspace Threats (LGACT) project to conduct joint IT network defence exercises. Venäjä testasi verkkoyhteyksiä ulkoisen hyökkäyksen varalta yle.fi/uutiset/3-11133312 Venäjän viranomaiset ilmoittavat varautuvansa ääritilanteeseen, jossa maa joutuisi maailmanlaajuisen verkon ulkopuolelle ja eristyksiin muusta maailmasta. […]

Read More

Daily NCSC-FI news followup 2021-01-24

Listasimme verkkohuijausten uusimmat trendit ja keinoja niiden tunnistamiseen Moni huijaus tepsii aina uudestaan sillä kollektiivinen muisti unohtaa yle.fi/uutiset/3-11721481 Lue myös: www.kuluttajaliitto.fi/hankkeet/huijarit-kuriin/ Your Password Isn’t Safe: The Danger Of An Inactive Zombie’ Account www.forbes.com/sites/brookecrothers/2021/01/23/your-password-isnt-safe-the-danger-of-inactive-zombie-accounts/ WhatsApp BacklashStop Using Signal Or Telegram Until You Change These 4 Critical Settings www.forbes.com/sites/zakdoffman/2021/01/23/stop-using-signal-and-telegram-until-you-change-settings-after-whatsapp-and-imessage-privacy-backlash/ SonicWall firewall maker hacked using zero-day in its […]

Read More

Daily NCSC-FI news followup 2020-02-07

Backing up is no panacea when blackmailers publish stolen data www.kaspersky.com/blog/ransomware-data-disclosure/32410/ Backing up data has been one of the most effective, though labor-intensive, safeguards against encrypting ransomware so far. Now, malefactors seem to have caught up with those who rely on backups. The creators of several ransomware programs, confronted with victims refusing to pay the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.