Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2019-12-23

Finnish government supports local authorities in cyber security initiative

www.computerweekly.com/news/252475795/Finnish-government-supports-local-authorities-in-cyber-security-initiative Over 200 of Finlands 311 municipalities have joined the Local Government Anti Cyberspace Threats (LGACT) project to conduct joint IT network defence exercises.

Venäjä testasi verkkoyhteyksiä ulkoisen hyökkäyksen varalta

yle.fi/uutiset/3-11133312 Venäjän viranomaiset ilmoittavat varautuvansa ääritilanteeseen, jossa maa joutuisi maailmanlaajuisen verkon ulkopuolelle ja eristyksiin muusta maailmasta.

Facebook is building an operating system so it can ditch Android

techcrunch.com/2019/12/19/facebook-operating-system/

Twitter Fixes Bug that Enabled Takeover of Android App Accounts

threatpost.com/twitter-fixes-bug-that-enabled-takeover-of-android-app-accounts/151393/ Twitter for Android users are urged to update their app to fend off a security bug that allows hackers to access private account data and control accounts to send tweets and direct messages.

Twitter shuts down nearly 6,000 state-backed information operations

www.zdnet.com/article/twitter-shuts-down-saudi-state-backed-information-operations/ Twitter announced it has removed another batch of state-backed Twitter accounts from its platform, this time there were just shy of 6,000 of which a “significant” number of these were from Saudi Arabia.

New York Times: Popular chat app ToTok is an Emirati spy tool

www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html It is used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones.. The service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers.

Lithuanian hacker sentenced to five years

www.theregister.co.uk/2019/12/20/facebook_google_hacker_five_years/ The hacker will spend the next five years behind bars for masterminding a $120m (£92.05m) scam that involved emailing fake IT equipment invoices to Facebook and Google.

Powershell Empire releases v3.0

www.bc-security.org/post/the-empire-3-0-strikes-back Includes new versions of common tools used in breaches, like a new version of Mimikatz that works againsta Windows 10 (1903). Make sure your defenses spot these new tools!

NVIDIA Patches High Severity Vulnerability in GeForce Experience

www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-vulnerability-in-geforce-experience/ NVIDIA today issued a security update designed to patch a vulnerability that could allow local attackers to trigger a denial of service (DoS) state or escalate privileges on systems running unpatched software.

Chinese hacker group caught bypassing 2FA

www.zdnet.com/article/chinese-hacker-group-caught-bypassing-2fa/ How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid one-time codes and bypass 2FA at will.

The anatomy of the MyKings botnet, and why it matters for security

www.cyberscoop.com/mykings-botnet-sophos-smominru/ See also:

www.healthcareinfosecurity.com/mykings-cryptomining-botnet-leverages-eternalblue-flaw-a-13536 and

news.sophos.com/en-us/2019/12/18/mykings-botnet-spreads-headaches-cryptominers-and-forshare-malware/

Analysis of phishing campaigns of Canadian banks.

research.checkpoint.com/2019/canadian-banks-targeted-in-a-massive-phishing-campaign/ Recently, Check Point engines detected a new phishing campaign impersonating the Royal Bank of Canada (RBC).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.