Daily NCSC-FI news followup 2019-12-14

New Orleans city government under cyberattack; workers told to turn off, unplug computers

www.nola.com/news/politics/article_0039909a-1dd3-11ea-919e-938ea62f03b5.html Workers in New Orleans City Hall were told a cyberattack has struck the city government, multiple sources said on Friday. The exact extent of the attack is unknown. The attack was announced over the loudspeaker system in City Hall and workers were told to turn off and unplug their computers about before noon on Friday. City websites are also down.. Also:

www.forbes.com/sites/daveywinder/2019/12/14/new-orleans-declares-state-of-emergency-following-cyber-attack/.

www.zdnet.com/article/new-orleans-hit-by-ransomware-city-employees-told-to-turn-off-computers/.

www.bleepingcomputer.com/news/security/new-orleans-suffers-ransomware-attack-emergency-services-intact/

GitLab Doles Out Half a Million Bucks to White Hats

threatpost.com/gitlab-doles-out-half-a-million-bucks-to-white-hats/151138/ The DevOps lifecycle management said that response to its year-old bug-bounty program has been robust. GitLab has awarded a total of $565,650 in security bug bounties to 171 researchers who reported valid vulnerabilities in the past year and has announced the winners of its latest hacking contest.

One in every 172 active RSA certificates are vulnerable to attack

www.zdnet.com/article/1-in-every-172-active-rsa-certificates-are-vulnerable-to-exploit/ Researchers say improper number generation can impact the security of keys used to protect everything from IoT to medical devices. A vulnerability has been discovered in RSA certificates that could compromise one in every 172 certificates currently in active use. On Saturday at the First IEEE Conference on Trust, Privacy, and Security in Intelligent Systems and Applications in Los Angeles, Calfornia, a team of researchers from Keyfactor presented their findings into the security posture of digital certificates.

Todellisen tietomurron tekijän mukaan lähti Facebookin salaamattomia henkilötietoja ei syytä paniikkiin

www.tivi.fi/uutiset/tv/5f3096e0-22be-45f2-853c-b6305f242956 Tietomurrot hoidetaan nykyisin yleensä näppäimistön ja näytön avulla. Perinteisellä sorkkarautametodillakin datavarkauksia silti tapahtuu. Somejätti Facebook on julkaissut tietoja ikävästä tapauksesta. Yhtiön työntekijän autoon oli murtauduttu ja autosta varastettu kiintolevyjä, CNBC kertoo. Levyille oli tallennettu salaamattomassa muodossa tietoja yhtiön entisistä ja nykyisistä työntekijöistä.. Also:

www.theregister.co.uk/2019/12/13/facebook_data_loss/

Attackers Terrify Homeowners After Hacking Ring Devices

www.bleepingcomputer.com/news/security/attackers-terrify-homeowners-after-hacking-ring-devices/ In a series of hacks targeting Ring camera devices, attackers are terrifying homeowners and making them feel violated in their own homes after taunting them or speaking to their children over the device’s speakers. On December 12th, numerous media outlets reported that homeowner’s Ring devices were being hacked and used to talk to people in their homes while they are making dinner, having breakfast, or playing in their rooms.

You might be interested in …

Daily NCSC-FI news followup 2021-01-12

Going Rogue a Mastermind Behind Android Malware Returns with a New RAT blog.checkpoint.com/2021/01/12/going-rogue-a-mastermind-behind-android-malware-returns-with-a-new-rat/ Now more than ever, we rely on our smartphones to keep in touch with our work, our families and the world around us. There are over 3.5 billion smartphone users worldwide, and it is estimated that over 85% of those devices around […]

Read More

Daily NCSC-FI news followup 2020-09-20

Hackers leak details of 1,000 high-ranking Belarus police officers www.zdnet.com/article/hackers-leak-details-of-1000-high-ranking-belarus-police-officers/ A group of hackers has leaked on Saturday the names and personal details of more than 1,000 high-ranking Belarusian police officers in response to violent police crackdowns against anti-government demonstrations. The leaked data included names, dates of birth, and the officers’ departments and job titles. […]

Read More

Daily NCSC-FI news followup 2021-09-18

Researchers compile list of vulnerabilities abused by ransomware gangs www.bleepingcomputer.com/news/security/researchers-compile-list-of-vulnerabilities-abused-by-ransomware-gangs/ Security researchers are compiling an easy-to-follow list of vulnerabilities ransomware gangs and their affiliates are using as initial access to breach victims’ networks. All this started with a call to action made by Allan Liska, a member of Recorded Future’s CSIRT, on Twitter over the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.