Daily NCSC-FI news followup 2019-12-23

Finnish government supports local authorities in cyber security initiative

www.computerweekly.com/news/252475795/Finnish-government-supports-local-authorities-in-cyber-security-initiative Over 200 of Finland's 311 municipalities have joined the Local Government Anti Cyberspace Threats (LGACT) project to conduct joint IT network defence exercises.

Russia tested its network connections in preparation for an external attack

yle.fi/uutiset/3-11133312 Russian authorities say they are preparing for an extreme situation in which the country would end up outside the global network and isolated from the rest of the world.

Facebook is building an operating system so it can ditch Android


Twitter Fixes Bug that Enabled Takeover of Android App Accounts

threatpost.com/twitter-fixes-bug-that-enabled-takeover-of-android-app-accounts/151393/ Twitter for Android users are urged to update their app to fend off a security bug that allows hackers to access private account data and control accounts to send tweets and direct messages.

Twitter shuts down nearly 6,000 state-backed information operations

www.zdnet.com/article/twitter-shuts-down-saudi-state-backed-information-operations/ Twitter announced it has removed another batch of state-backed Twitter accounts from its platform; this time there were just shy of 6,000, of which a “significant” number were from Saudi Arabia.

New York Times: Popular chat app ToTok is an Emirati spy tool

www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html It is used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones. The service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers.

Lithuanian hacker sentenced to five years

www.theregister.co.uk/2019/12/20/facebook_google_hacker_five_years/ The hacker will spend the next five years behind bars for masterminding a $120m (£92.05m) scam that involved emailing fake IT equipment invoices to Facebook and Google.

Powershell Empire releases v3.0

www.bc-security.org/post/the-empire-3-0-strikes-back Includes new versions of common tools used in breaches, like a new version of Mimikatz that works against Windows 10 (1903). Make sure your defenses spot these new tools!

NVIDIA Patches High Severity Vulnerability in GeForce Experience

www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-vulnerability-in-geforce-experience/ NVIDIA today issued a security update designed to patch a vulnerability that could allow local attackers to trigger a denial of service (DoS) state or escalate privileges on systems running unpatched software.

Chinese hacker group caught bypassing 2FA

www.zdnet.com/article/chinese-hacker-group-caught-bypassing-2fa/ How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid one-time codes and bypass 2FA at will.

The anatomy of the MyKings botnet, and why it matters for security

www.cyberscoop.com/mykings-botnet-sophos-smominru/ See also:

www.healthcareinfosecurity.com/mykings-cryptomining-botnet-leverages-eternalblue-flaw-a-13536 and


Analysis of phishing campaigns of Canadian banks.

research.checkpoint.com/2019/canadian-banks-targeted-in-a-massive-phishing-campaign/ Recently, Check Point engines detected a new phishing campaign impersonating the Royal Bank of Canada (RBC).
