Daily NCSC-FI news followup 2019-12-23

Finnish government supports local authorities in cyber security initiative

www.computerweekly.com/news/252475795/Finnish-government-supports-local-authorities-in-cyber-security-initiative Over 200 of Finlands 311 municipalities have joined the Local Government Anti Cyberspace Threats (LGACT) project to conduct joint IT network defence exercises.

Venäjä testasi verkkoyhteyksiä ulkoisen hyökkäyksen varalta

yle.fi/uutiset/3-11133312 Venäjän viranomaiset ilmoittavat varautuvansa ääritilanteeseen, jossa maa joutuisi maailmanlaajuisen verkon ulkopuolelle ja eristyksiin muusta maailmasta.

Facebook is building an operating system so it can ditch Android

techcrunch.com/2019/12/19/facebook-operating-system/

Twitter Fixes Bug that Enabled Takeover of Android App Accounts

threatpost.com/twitter-fixes-bug-that-enabled-takeover-of-android-app-accounts/151393/ Twitter for Android users are urged to update their app to fend off a security bug that allows hackers to access private account data and control accounts to send tweets and direct messages.

Twitter shuts down nearly 6,000 state-backed information operations

www.zdnet.com/article/twitter-shuts-down-saudi-state-backed-information-operations/ Twitter announced it has removed another batch of state-backed Twitter accounts from its platform, this time there were just shy of 6,000 of which a “significant” number of these were from Saudi Arabia.

New York Times: Popular chat app ToTok is an Emirati spy tool

www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html It is used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones.. The service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers.

Lithuanian hacker sentenced to five years

www.theregister.co.uk/2019/12/20/facebook_google_hacker_five_years/ The hacker will spend the next five years behind bars for masterminding a $120m (£92.05m) scam that involved emailing fake IT equipment invoices to Facebook and Google.

Powershell Empire releases v3.0

www.bc-security.org/post/the-empire-3-0-strikes-back Includes new versions of common tools used in breaches, like a new version of Mimikatz that works againsta Windows 10 (1903). Make sure your defenses spot these new tools!

NVIDIA Patches High Severity Vulnerability in GeForce Experience

www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-vulnerability-in-geforce-experience/ NVIDIA today issued a security update designed to patch a vulnerability that could allow local attackers to trigger a denial of service (DoS) state or escalate privileges on systems running unpatched software.

Chinese hacker group caught bypassing 2FA

www.zdnet.com/article/chinese-hacker-group-caught-bypassing-2fa/ How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid one-time codes and bypass 2FA at will.

The anatomy of the MyKings botnet, and why it matters for security

www.cyberscoop.com/mykings-botnet-sophos-smominru/ See also:

www.healthcareinfosecurity.com/mykings-cryptomining-botnet-leverages-eternalblue-flaw-a-13536 and

news.sophos.com/en-us/2019/12/18/mykings-botnet-spreads-headaches-cryptominers-and-forshare-malware/

Analysis of phishing campaigns of Canadian banks.

research.checkpoint.com/2019/canadian-banks-targeted-in-a-massive-phishing-campaign/ Recently, Check Point engines detected a new phishing campaign impersonating the Royal Bank of Canada (RBC).

You might be interested in …

Daily NCSC-FI news followup 2020-06-18

Car autopilot security www.kaspersky.com/blog/protecting-adas/35961/ Today, many companies are experimenting to the max with autopilots of varying complexity. Some are trying to build devices that actually take control of the vehicle out of human hands, while others are developing advanced driver-assistance systems (ADAS). . The main issue that autopilot manufacturers must address is guaranteeing reliability and […]

Read More

Daily NCSC-FI news followup 2020-10-14

German authorities raid FinFisher offices www.zdnet.com/article/german-authorities-raid-finfisher-offices/ German authorities have raided the offices of FinFisher, a German software company that makes surveillance tools, accused in the past of providing software to oppressive regimes. FinFisher markets its tools as meant for law enforcement investigations and intelligence agencies. Known customers include the German federal police and Berlin police […]

Read More

Daily NCSC-FI news followup 2019-07-31

Poliisi: Edistyneet kiristyshyökkäykset jatkuvat www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/edistyneet_kiristyshyokkaykset_jatkuvat_82917?language=fi Koulujen alkaessa kuullaan usein varoitteluja uusista tienkäyttäjistä. Tällä kertaa poliisi varoittaa jälleen tietoverkoissa liikkuvia ja tietoverkkojen ylläpitäjiä. Taustalla on Kokemäellä tapahtunut tietomurto.. Lounais-Suomen poliisilaitoksen kyberrikostutkintaryhmä tutkii tapausta yhteistyössä Keskusrikospoliisin ja Traficom Liikenne- ja Viestintäviraston Kyberturvallisuuskeskuksen kanssa. Tutkintanimikkeenä on törkeä datavahingonteko. On varsin todennäköistä, että muitakin rikosnimikkeitä tulee tutkinnan edetessä kyseeseen.. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.