Daily NCSC-FI news followup 2019-12-22

Florida man jailed for over five years after cyberstalking schoolmate, posting threats

www.zdnet.com/article/man-jailed-for-over-five-years-after-cyberstalking-schoolmate-posting-threats/

One Day, Three Credit Card Data Breach Notifications

www.bleepingcomputer.com/news/security/one-day-three-credit-card-data-breach-notifications/ On the same day this week, two restaurants and a convenience store, all with locations across the U.S., disclosed security breach incidents that may have enabled attackers to steal customer payment card data.. Wawa www.wawa.com/alerts/data-security. Islands Restaurants

www.islandsrestaurants.com/paymentcardnotification. Champagne Bakery

www.champagnebakery.com/champagne-french-bakery-cafe-substitute-notice/

Weekly roundup: Tracking President Trump with cellphone location data

www.theregister.co.uk/2019/12/21/roundup_dec_20/ New York Times obtained a three-year-old database of 50 billion phone location pings for more than 12 million Americans.. The journalists analyzing the data found one phone that appeared to belong to a Secret Service agent on President Trump’s team, and showed the course of the agent’s progress during a trip to the commander-in-chief’s Mar-a-Lago resort, then to a golf course where Trump was playing golf with the Japanese prime minister.

The Week in Ransomware – December 20th 2019 – Attacks Everywhere

www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-20th-2019-attacks-everywhere/ This week’s ransomware news continues to be dominated by targeted ransomware attacks against hospitals, cities, and businesses and the new tactic of releasing victim’s data if they do not pay.

Dropbox Zero-Day Vulnerability Gets Temporary Fix

www.bleepingcomputer.com/news/security/dropbox-zero-day-vulnerability-gets-temporary-fix/ Dropbox has yet to release a new version that patches the flaw but a temporary solution is freely available in the form of a micropatch.

U.S. Navy bans TikTok from government-issued mobile devices

www.reuters.com/article/us-usa-tiktok-navy/u-s-navy-bans-tiktok-from-government-issued-mobile-devices-idUSKBN1YO2HU Earlier this week the United States Navy banned the social media app TikTok from government-issued mobile devices, saying the popular short video app represented a cybersecurity threat.

Windows Remote Desktop Services Used for Fileless Malware Attacks

www.bleepingcomputer.com/news/security/windows-remote-desktop-services-used-for-fileless-malware-attacks/

Not so IDLE hands: FBI program offers companies data protection via deception

arstechnica.com/information-technology/2019/12/not-so-idle-hands-fbi-program-offers-companies-data-protection-via-deception/ Newly surfaced doc outlines FBI’s IDLE program – which teases thieves with “decoy data.”

Apple Opens Its Invite-Only Bug Bounty Program to All Researchers

thehackernews.com/2019/12/apple-bug-bounty-program.html Highlight: an enormous increase in the maximum reward from $200,000 to $1.5 million

You might be interested in …

Daily NCSC-FI news followup 2021-02-11

Vastaamon palvelimen portti 3306 oli auki nettiin 1, 5 vuotta ja kiristys alkoi jo 2018 julkisuuskatastrofia viivytettiin viimeiseen asti www.is.fi/digitoday/tietoturva/art-2000007794906.html Vastaamon ensimmäisessä kiristysyrityksessä on saattanut olla kyse “roiskaisusta”, jossa tietomurtaja ei tiennyt, mitä hänellä oli käsissään. Vastaamon asiakastietokannan varastaminen johtui palvelimelle auki jätetystä tietoliikenneportista, joka oli auki 1, 5 vuoden ajan. Lookout Discovers Novel Confucius […]

Read More

Daily NCSC-FI news followup 2019-11-23

FBI says hackers are targeting US auto industry us.cnn.com/2019/11/20/politics/fbi-us-auto-industry-hackers/index.html The American automotive industry has been the target of malicious cyber actors since at least late 2018, according to an FBI report obtained by CNN. Leaky Gekko Group database exposes info on hotel brands, travelers www.scmagazine.com/home/security-news/data-breach/leaky-gekko-group-database-exposes-info-on-hotel-brands-travelers/ European hotel booking platform provider Gekko Group mistakenly stored over […]

Read More

Daily NCSC-FI news followup 2021-03-12

Exploits on Organizations Worldwide Tripled every Two Hours after Microsoft’s Revelation of Four Zero-days blog.checkpoint.com/2021/03/11/exploits-on-organizations-worldwide/ Following the revelation of four zero-day vulnerabilities currently affecting Microsoft Exchange Server, Check Point Research (CPR) discloses its latest observations on exploitation attempts against organizations that it tracks worldwide. myös: www.tivi.fi/uutiset/tv/31187ac4-d460-4a33-be35-0256443bbb11 F-Secure: “Tilanne voi revetä käsiin” Exchange-hyökkäysten hirmumyrsky repii maailmaa […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.