Daily NCSC-FI news followup 2019-12-25

Toistasataa kiinalaista pidätettiin Nepalissa epäiltynä kyberhuijauksesta

yle.fi/uutiset/3-11134577 Ratsiassa takavarikoitiin yli 700 puhelinta ja 400 tietokonetta.

Staying Cyber-Safe This Holiday Season

www.fortinet.com/blog/industry-trends/staying-cyber-safe-this-holiday-season.html Look-alike websites, fake shipping notifications, e-cards, emergency scams, phony charities, free gift cards etc. These are the most common forms of holiday scams.

Signs of Phishing: Protecting Yourself During the Holidays

www.tripwire.com/state-of-security/featured/signs-of-phishing-protecting-yourself-during-the-holidays/ Some things to look for in trying to spot phishing emails.

Sextortionists return for Christmas – price goes down, threats go up

nakedsecurity.sophos.com/2019/12/24/sextortionists-return-for-christmas-price-goes-down-threats-go-up/ Criminals try to avoid email filters by using inline images of their ransom demands. Delete the email and have a merry holiday instead!

How E-commerce Sites Can Counter ‘AuthBots’

blog.radware.com/security/botnets/2019/12/how-e-commerce-sites-can-counter-authbots/ Cybercriminals are siphoning the personal information of millions of shoppers. Dubbed AuthBots because of their persistent attempts at cracking authentication, this botnet group targets ecommerce firms with large-scale credential stuffing and cracking attacks to take over user accounts.

Maze Ransomware Releases Files Stolen from City of Pensacola

www.bleepingcomputer.com/news/security/maze-ransomware-releases-files-stolen-from-city-of-pensacola/ The actors behind the Maze Ransomware have released 2GB of files that were allegedly stolen from the City of Pensacola during their ransomware attack.. Criminals demanded a $1 million ransom to decrypt their files.

Entercom Radio Network Hit By Second Cyber Attack This Year

www.bleepingcomputer.com/news/security/entercom-radio-network-hit-by-second-cyber-attack-this-year/ This is the second time the network has to recover from a cyber event, the first one hitting in September being a ransomware attack that caused significant financial losses.. Considering the short time required to resume activity to a relatively normal level, it may be that the security measures installed after the attack in September paid off.

Marketing Agency Temporarily Halts Operations after Ransomware Attack

www.tripwire.com/state-of-security/security-data-protection/marketing-agency-temporarily-halts-operations-after-ransomware-attack/ Sandra Franecke, CEO of the Heritage Company, sent a letter to employees that the company would temporarily be suspending its operations. She went on to ask the agencys more than 300 employees to call the company on January 2nd to see if any progress had been made in recovering systems.. See also: 22 ransomware prevention tips


You might be interested in …

Daily NCSC-FI news followup 2019-11-27

Its Way Too Easy to Get a .gov Domain Name krebsonsecurity.com/2019/11/its-way-too-easy-to-get-a-gov-domain-name/ Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But […]

Read More

Daily NCSC-FI news followup 2019-09-16

Undersøgelsesrapport: Statsstøttet hackergruppe forsøger at kompromittere netværksudstyr fe-ddis.dk/cfcs/nyheder/arkiv/2019/Pages/undersoegelsesrapport-hackergruppe-forsoeger-kompromittere-netvaerksudstyr.aspx En statsstøttet aktør har forsøgt at gennemføre flere angreb på udvalgte danske myndigheder med henblik på spionage. CFCS udsendte den 18. april 2018 et offentligt varsel i forbindelse med hændelserne, og CFCS arbejdede efterfølgende videre og håndterede sagerne i samarbejde med relevante myndigheder.. [PDF] fe-ddis.dk/cfcs/publikationer/Documents/Undersoegelsesrapport-kompromittering-netvaerksudstyr.pdf Exclusive: Russia […]

Read More

Daily NCSC-FI news followup 2020-02-18

Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin threatpost.com/active-exploits-hit-vulnerable-wordpress-themegrill-plugin/152947/ Researchers are urging users of a vulnerable WordPress plugin, ThemeGrill Demo Importer, to update as soon as possible after discovering attackers are actively exploiting a flaw in the plugin. Ole organisaatiosi tietoturvan vahvin lenkki myös matkustaessasi ek.fi/ajankohtaista/uutiset/2020/02/18/ole-organisaatiosi-tietoturvan-vahvin-lenkki-myos-matkustaessasi/ Matkustaessa korostuvat mahdollisuus henkilötiedusteluun, eli ihmisiltä tehtävään tiedonhankintaan, sekä riski […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.