Daily NCSC-FI news followup 2019-12-31

Ghosts in the Clouds: Inside Chinas Major Corporate Hack

www.wsj.com/articles/ghosts-in-the-clouds-inside-chinas-major-corporate-hack-11577729061 A Wall Street Journal investigation has found that the attack was much bigger than previously known. It goes far beyond the 14 unnamed companies listed in the indictment, stretching across at least a dozen cloud providers, including CGI Group Inc. Tieto Oyj, a major Finnish IT services company; and International Business Machines Corp (IBM). Article behind paywall

Microsoft on ottanut haltuunsa hakkeriryhmän käyttämiä verkkotunnuksia ryhmän arvellaan toimivan Pohjois-Koreasta käsin

yle.fi/uutiset/3-11138983 Tietotekniikkajätti Microsoft on ottanut haltuun kymmenittäin hakkeriryhmän käyttämiä verkkotunnuksia. Thallium-hakkeriryhmä käytti verkkotunnuksia arkaluontoisten tietojen varastamiseen esimerkiksi valtioiden virastojen, ajatushautomoiden, kansalaisoikeusjärjestöjen ja yliopistojen työntekijöiltä.. See also:

blogs.microsoft.com/on-the-issues/2019/12/30/microsoft-court-action-against-nation-state-cybercrime/

BRONZE PRESIDENT Targets NGOs

www.secureworks.com/research/bronze-president-targets-ngos BRONZE PRESIDENT is a likely People’s Republic of China (PRC)-based targeted cyberespionage group that uses both proprietary and publicly available tools to target NGO networks.

Daily NCSC-FI news followup 2019-11-14

Qualcomm Chip Flaws Let Hackers Steal Private Data From Android Devices thehackernews.com/2019/11/qualcomm-android-hacking.html According to a report cybersecurity firm CheckPoint shared with The Hacker News, the flaws could allow attackers to steal sensitive data stored in a secure area that is otherwise supposed to be the most protected part of a mobile device.. Report at research.checkpoint.com/the-road-to-qualcomm-trustzone-apps-fuzzing/ […]

Daily NCSC-FI news followup 2019-09-24

New NetWire RAT Variant Being Spread Via Phishing www.fortinet.com/blog/threat-research/new-netwire-rat-variant-spread-by-phishing.html NetWire is a Remote Access Trojan (RAT) malware that has been widely used for many years. Recently, FortiGuard Labs noticed a malware spreading via phishing email, and during the analysis on it, we discovered that it was a new variant of NetWire RAT. LookBack Forges Ahead: […]

Daily NCSC-FI news followup 2019-11-15

Clampdown on US border device searches not such a big deal www.zdnet.com/article/clampdown-on-us-border-device-searches-not-such-a-big-deal/#ftag=RSSbaffb68 Alasaad v. Mcaleenan acknowledges the intrusiveness of digital searches, but it’s only about “contraband” and falls short of requiring a warrant. It’s time for SCOTUS and Congress to dig deeper, say experts. New Emotet Report Details Threats From One of the Worlds Most […]