Daily NCSC-FI news followup 2019-12-21

170m passwords stolen in September Zynga hack

www.theguardian.com/games/2019/dec/19/170m-passwords-stolen-in-zynga-words-with-friends-hack-monitor-says Words With Friends company admitted hack in September but size only now revealed

Siemens Contractor Jailed for Sabotage With Logic Bombs

www.bleepingcomputer.com/news/security/siemens-contractor-jailed-for-sabotage-with-logic-bombs/ While his spreadsheets worked without flaw for years, starting in 2014 they suddenly began randomly crashing and glitching because of the logic bombs he inserted within the password-protected code.

Canada’s broadcasting agency fines company behind the Orcus malware

www.zdnet.com/article/canadas-broadcasting-agency-fines-company-behind-the-orcus-rat/ Canada’s broadcasting agency has fined a company with 115,000 Canadian dollars (ca 79,000 EUR) for selling malware.

GozNym Gang Members Behind $100 Million Damages Sentenced

www.bleepingcomputer.com/news/security/goznym-gang-members-behind-100-million-damages-sentenced/ The GozNym group members were charged for stealing “an estimated $100 million from more than 41 000 victims, primarily businesses and their financial institutions” according to a Europol press release from May.. Europol:

www.eurojust.europa.eu/press/PressReleases/Pages/2019/2019-05-16.aspx

Hacker sentenced after trying to blackmail Apple by threatening to delete 319m accounts

www.nationalcrimeagency.gov.uk/news/hacker-tried-to-blackmail-apple-by-threatening-to-delete-319m-accounts He was sentenced today, Friday 20 December, and was given a two year suspended jail term, 300 hours of unpaid work and a six month electronic curfew at Southwark Crown Court.

Former IT Employee Jailed for Taking Down Airline Systems

www.bleepingcomputer.com/news/security/former-it-employee-jailed-for-taking-down-airline-systems/ Scott Burns, a former employee of information and communications technology (ICT) provider Blue Chip was sentenced to 10 months in prison for taking down the computers of British airline Jet2.com Limited (aka Jet2) for over 12 hours.

Tokyo 2020 Staff Warns of Phishing Disguised As Official Emails

www.bleepingcomputer.com/news/security/tokyo-2020-staff-warns-of-phishing-disguised-as-official-emails/ “We have recently detected emails disguised to look like they are coming from a Tokyo 2020 staff member,” says Tokyo Olympic Organizing Committee’s warning message.

You might be interested in …

Daily NCSC-FI news followup 2020-07-24

Garmin outage caused by confirmed WastedLocker ransomware attack www.bleepingcomputer.com/news/security/garmin-outage-caused-by-confirmed-wastedlocker-ransomware-attack/ Wearable device maker Garmin shut down some of its connected services and call centers on Thursday following what the company called a worldwide outage, now confirmed to be caused by a WastedLocker ransomware attack. Lisäksi www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/ ja www.forbes.com/sites/leemathews/2020/07/23/garmins-alleged-ransomware-wastedlocker-evil-corp/ ja thehackernews.com/2020/07/garmin-ransomware-attack.html ja threatpost.com/garmin-suffers-ransomware-attack/157698/ Poliisi varoittaa Microsoft huijaussoitoista […]

Read More

Daily NCSC-FI news followup 2020-01-20

Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0 www.bleepingcomputer.com/news/security/citrix-patches-cve-2019-19781-flaw-in-citrix-adc-111-and-120/ Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution.. Besides releasing these permanent fixes for the CVE-2019-19781 flaw, Citrix also says […]

Read More

Daily NCSC-FI news followup 2021-02-18

Microsoft Internal Solorigate Investigation Final Update msrc-blog.microsoft.com/2021/02/18/microsoft-internal-solorigate-investigation-final-update/ We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidence of access to production services or customer data. The investigation also found no indications that our systems at Microsoft were used to […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.