Daily NCSC-FI news followup 2019-12-20

Data of 267 million Facebook users ended up online – but don't panic

www.is.fi/digitoday/tietoturva/art-2000006350462.html However, the leak is not the most alarming possible, even though it affects a large number of users. For example, the records contain no passwords or payment card details. In addition, the data is mostly from American users. Source:

www.comparitech.com/blog/information-security/267-million-phone-numbers-exposed-online/

Supo: 5G network operators must be assessed and a political debate must be held

www.is.fi/digitoday/tietoturva/art-2000006348909.html

Cisco ASA DoS Bug Attacked in Wild

blogs.cisco.com/security/talos/cisco-asa-dos-bug-attacked-in-wild Cisco Talos has recently noticed a sudden spike in exploitation attempts against a specific vulnerability. The attacker can use a specially crafted URL to cause the ASA appliance to reboot or disclose unauthenticated information.

Frankfurt city officials take down IT network to prevent Emotet from being used as a staging point to launch a ransomware attack.

www.zdnet.com/article/frankfurt-shuts-down-it-network-following-emotet-infection/ Frankfurt is the fourth German entity that shut down its IT network in the past two weeks because of Emotet.

Canadian Insurance Firm Hit By Maze Ransomware, Denies Data Theft

www.bleepingcomputer.com/news/security/canadian-insurance-firm-hit-by-maze-ransomware-denies-data-theft/ According to emails sent to BleepingComputer from the operators of the Maze Ransomware, Andrew Agencies was attacked on October 21st, 2019 when the attackers breached their network and encrypted 245 computers. Based on the encrypted sizes listed in this proof, the Maze Ransomware states they have encrypted a total of 63 terabytes of data.

Ransomware: The number of victims paying up is on the rise, and that’s bad news

www.zdnet.com/article/ransomware-the-number-of-victims-paying-up-is-on-the-rise-and-thats-bad-news/

Nexus Mods breached.

www.nexusmods.com/news/14178 Even though we were able to secure the endpoint as soon as we discovered the exploit, as a measure of security, we are informing all of you, as we cannot rule out that further access to other user data including email addresses, password hashes and password salts has taken place. Also:

www.bleepingcomputer.com/news/security/nexus-mods-game-modding-site-discloses-data-breach/

From dropbox(updater) to NT AUTHORITY\SYSTEM

decoder.cloud/2019/12/18/from-dropboxupdater-to-nt-authoritysystem/ In this post I'm going to show how to use the DropBoxUpdater service in order to get SYSTEM privileges starting from a simple Windows user.

Privilege Escalation Flaws Found in Preinstalled Acer, ASUS Software

www.securityweek.com/privilege-escalation-flaws-found-preinstalled-acer-asus-software The first bug impacts Acer Quick Access, an application that allows users to toggle wireless devices on or off, to modify power-off USB charge settings and network sharing options, and more. The second flaw impacts ASUS ATK Package and can be exploited during the post-compromise phase of an attack, to achieve persistence and evade detection.

OpenSSL 1.0.2u released.

www.openssl.org/news/openssl-1.0.2-notes.html

DNSSEC still fueling DNS amplification attacks, TCP SYN flood attacks rise

www.helpnetsecurity.com/2019/12/19/dns-amplification-attacks-increase/ TCP SYN flood is not a new method, but findings indicate that techniques have grown in sophistication and have emerged as the third most used attack vector, behind DNS amplification and HTTP flood attacks.
