Daily NCSC-FI news followup 2019-12-28

U.S. Coast Guard Says Ryuk Ransomware Took Down Maritime Facility

www.bleepingcomputer.com/news/security/us-coast-guard-says-ryuk-ransomware-took-down-maritime-facility/ The systems encrypted by Ryuk Ransomware directly impacted the facility’s “entire corporate IT network (beyond the footprint of the facility)” [emphasis ours] and physical access and camera control systems, and it also led to “loss of critical process control monitoring systems.”

Ransomware Hits Maastricht University, All Systems Taken Down

www.bleepingcomputer.com/news/security/ransomware-hits-maastricht-university-all-systems-taken-down/ Maastricht University (UM) announced that almost all of its Windows systems have been encrypted by ransomware following a cyber-attack that took place on Monday, December 23.. UM is a university from the Netherlands with over 18,000 students, 4,400 employees, and 70,000 alumni.

Ransomware at IT Services Provider Synoptek

krebsonsecurity.com/2019/12/ransomware-at-it-services-provider-synoptek/ Synoptek, a California-based cloud hosting and IT management services provider suffered a ransomware attack this week that has disrupted operations for many of its clients.. Two sources who work at the company have now confirmed their employer was hit by Sodinokibi, a potent ransomware strain also known as rEvil.

Ransomware Situation Goes From Bad to Worse

www.darkreading.com/attacks-breaches/ransomware-situation-goes-from-bad-to-worse/d/d-id/1336664 The surge in ransomware attacks on cities, municipalities, schools, and healthcare organizations this year is just a foretaste of what is likely come in 2020.. Threat actors have sensed a very real opportunity to make big returns attacking enterprise organizations using ransomware and are refining their tools and techniques to increase their chances for success, say worried security experts.

30 years of ransomware: How one bizarre attack laid the foundations for the malware taking over the world

www.zdnet.com/article/30-years-of-ransomware-how-one-bizarre-attack-laid-the-foundations-for-the-malware-taking-over-the-world/ In December 1989 the world was introduced to the first ever ransomware – – and 30 years later ransomware attacks are now at crisis levels.

Leveraging Disk Imaging Tools to Deliver RATs

www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/leveraging-disk-imaging-tools-to-deliver-rats/ This year we observed a notable uptick in disc imaging software (like .ISO) being used as a container for serving malware via email, with .ISO archives attributing to 6% of all malware attachment archives seen this year.

Ring and Amazon get slammed with a federal lawsuit that claims the companies failed to secure cameras against hackers

www.businessinsider.com/ring-amazon-sued-federal-court-security-hacking-2fa-2019-12 The lawsuit alleges that, as a manufacturer of security products, Ring failed to meet its “most basic obligation by not ensuring its Wi-Fi enabled cameras were protected against cyber-attack.”

You might be interested in …

Daily NCSC-FI news followup 2020-11-14

Schools Struggling to Stay Open Get Hit by Ransomware Attacks www.wsj.com/articles/my-information-is-out-there-hackers-escalate-ransomware-attacks-on-schools-11605279160?mod=djemalertNEWS Districts around the U.S. are fighting a wave of increasingly aggressive hackers, who are publicly posting sensitive student information. Based on searches of hackers’ sites on the dark weba network of websites accessed through special software that gives users anonymityas well as publicly known […]

Read More

Daily NCSC-FI news followup 2020-07-03

New Apple macOS Big Sur feature to hamper adware operations www.zdnet.com/article/new-apple-macos-big-sur-feature-to-hamper-adware-operations/#ftag=RSSbaffb68 Apple has disabled the ability to silently install macOS profiles from the CLI in macOS 11, a measure that was widely employed by adware and malware gangs. Windows 10: Microsoft Defender ATP now rates your security configurations www.zdnet.com/article/windows-10-microsoft-defender-atp-now-rates-your-security-configurations/#ftag=RSSbaffb68 New Microsoft Defender ATP service will […]

Read More

Daily NCSC-FI news followup 2021-02-24

Haavoittuvuuksia VMwaren tuotteissa – päivitä heti www.kyberturvallisuuskeskus.fi/fi/haavoittuvuuksia-vmwaren-tuotteissa-paivita-heti VMware julkaisi päivityksiä, jotka tulisi asentaa välittömästi. Haavoittuvuudet mahdollistavat esimerkiksi etänä suoritettavat komennot sekä mielivaltaisen ohjelmakoodin suorittamisen. Kriittinen haavoittuvuus CVE-2021-21972 koskee VMware vCenter Server – -hallinta-alustaa, joka mahdollistaa etänä suoritettavien komentojen suorittamisen. Julkaistu vakava haavoittuvuus CVE-2021-21974 koskee ESXi OpenSLP -puskurin ylivuotoa. Google funds Linux maintainers to boost Linux […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.