Daily NCSC-FI news followup 2019-11-27

Its Way Too Easy to Get a .gov Domain Name

krebsonsecurity.com/2019/11/its-way-too-easy-to-get-a-gov-domain-name/ Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to . obtain their very own .gov domain

Protecting users from government-backed hacking and disinformation

blog.google/technology/safety-security/threat-analysis-group/protecting-users-government-backed-hacking-and-disinformation/ Google’s Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and our users. Weve had a long-standing policy to send users warnings if we detect that they are the subject of state-sponsored phishing attempts, and have posted periodically about these before. From July to September 2019, we sent more than 12,000 warnings to users in 149 countries that

Full(z) House: a digital crime group using a full deck to maximize profits

www.riskiq.com/blog/labs/fullz-house/ In this article, we will discuss our insights into a criminal group that maximizes their profit by working in two ecosystems that are typically distinct, phishing and web skimming. By combining tactics, this group was playing with a full deck when it came to stealing financial data. Introducing Full(z) House.

Cyber Attack Causes Prosegur Security Company To Shut Down Its Network

www.bleepingcomputer.com/news/security/cyber-attack-causes-prosegur-security-company-to-shut-down-its-network/ In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform. According to Derecho de la Red, the malware strain used in the attack is Ryuk, delivered via Emotet.

Ransomware Locks Medical Records at Great Plains Health

www.bleepingcomputer.com/news/security/ransomware-locks-medical-records-at-great-plains-health/ Great Plains Health medical center is recovering from a ransomware incident that hit its computer network at the beginning of the week and forced switching to pen and paper to maintain activity.

Daily NCSC-FI news followup 2020-05-29

Highly-targeted attacks on industrial sector hide payload in images www.bleepingcomputer.com/news/security/highly-targeted-attacks-on-industrial-sector-hide-payload-in-images/ Attackers looking to steal employee credentials from organizations tied to the industrial sector deployed highly-targeted operations that delivered malicious PowerShell scripts in images. Victims in multiple countries (Japan, the U.K., Germany, Italy) were identified. Some of them supply equipment and software solutions to industrial enterprises. […]

Daily NCSC-FI news followup 2021-06-18

Ransomware Actors Evolved Their Operations in 2020 www.crowdstrike.com/blog/ransomware-actors-evolved-operations-in-2020/ The year 2020 was marked by the trend continuing at an accelerated rate. The advancements by eCrime actors include refinement and application of high-pressure extortion tactics on victim organizations and the sharing or copying of new techniques among different ransomware groups, in addition to a marked increase […]

Daily NCSC-FI news followup 2020-07-22

Verkkohyökkäys lukitsi autotarvikeliikkeen kassat, salasi tiedot ja sulki ovet Tiedätkö miten varautua, sillä voit olla rikollisen seuraava kohde? yle.fi/uutiset/3-11456333 Kyberturvallisuuskeskus kehottaa varautumaan verkkoiskuun, jotta toimintaa pystyisi jatkamaan mahdollisimman pian. Yrittäjä Raimo Tunkkaria odotti heinäkuisena aamuna ikävä yllätys. Keminmaassa toimivan autotarvike- ja korjaamoyrityksen tietokoneruudulla oli viesti, jossa hakkerit kertoivat lukinneensa yrityksen tiedot. Varaosa Paakkarin asiakas- ja […]