Daily NCSC-FI news followup 2020-02-02

Firefox now shows what telemetry data it’s collecting about you

www.zdnet.com/article/firefox-now-shows-what-telemetry-data-its-collecting-about-you/ Users can no go to about:telemetry and see what Mozilla is collecting about their Firefox installs.

Poliisin ohje Nivalan Nuorisoseuran täydelle salille ikäihmisiä, miten pitää rahat ja omaisuus varkailta suojassa: “Jos Töllin Keijo soittaa teille, älkää antako tunnuslukua.”

www.nivala-lehti.fi/uutinen/588218 Kun sosiaalisessa mediassa kuitenkin ollaan, niin ei ole syytä kertoa sitäkään, että naapuri on reissussa. Seppälä antoi muutenkin hyviä neuvoja, mitä sosiaaliseen mediaan ei kannata laittaa. Jos lataa kuvia, niissä ei kannata esitellä omaisuutta.

Bouygues Construction joutui kiristyshaittaohjelman uhriksi

www.bouygues.com/wp-content/uploads/2020/01/prbouyguesconstructioncyberattack01-31-2020-pdf.pdf

Hakkeri käräytti Messin ja Ronaldon veronkierrosta, mutta isoin paljastus liittyi Afrikan rikkaimpaan naiseen Nyt Rui Pinto odottaa tuomiota vankeudessa

www.hs.fi/ulkomaat/art-2000006392763.html Portugalilainen hakkeri Rui Pinto oli mukana paljastamassa Lionel Messiä ja Cristiano Ronaldoa veronkierrosta. Tammikuussa hakkerille luettiin syytteet yhteensä 90 rikosepäilystä, muun muassa yksityisyyden suojan rikkomisesta, tietomurroista ja kiristyksen yrityksestä.

Pirated Software is All Fun and Games Until Your Data’s Stolen

www.bleepingcomputer.com/news/security/pirated-software-is-all-fun-and-games-until-your-data-s-stolen/ It may be tempting to try to download the latest games or applications for free, but doing so will ultimately land you in a hotbed of trouble as your computer becomes infected with adware, ransomware, and password-stealing Trojans.

Tech Support Scam Hitting Microsoft Edge Start Page Takes a Break

www.bleepingcomputer.com/news/security/tech-support-scam-hitting-microsoft-edge-start-page-takes-a-break/ A sophisticated browser locker campaign that ran on high-profile pages, like Microsoft Edge’s home or popular tech sites, was deactivated this week after in-depth research was published. The actors behind it used a compromised an ad content supplier for top-tier distribution and combined targeted traffic filtering with steganography. This mix allowed the operation to survive for at least two years, bringing victims to a tech support scam page and threat researchers to a dead end as they scratched their heads about how the redirect to the fake malware reporting page happened.

Jäikö Gmailisi auki vieraalle koneelle? Näin suljet sen etänä

www.is.fi/digitoday/art-2000006391076.html Avaa Gmail jollakin tietokoneella. Vieritä Gmailin etusivu pohjaan saakka, ja paina oikean alakulman Tiedot-linkkiä. Se vie sivulle, jossa kerrotaan toiminnasta tällä tilillä. Siellä on myös nappi nimeltä Kirjaudu ulos kaikista muista Gmail-verkkoistunnoista. Paina sitä, niin olet valmis.

Weekend Vulnerability and Patch Report, February 3, 2020

citadel-information.com/2020/02/weekend-vulnerability-and-patch-report-february-3-2020/

Hackers are hijacking smart building access systems to launch DDoS attacks

www.zdnet.com/article/hackers-are-hijacking-smart-building-access-systems-to-launch-ddos-attacks/ More than 2, 300 building access systems can be hijacked due to a severe vulnerability left without a fix. Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company SonicWall. The attacks are targeting Linear eMerge E3, a product of Nortek Security & Control (NSC).

You might be interested in …

Daily NCSC-FI news followup 2019-08-30

Phishers are Angling for Your Cloud Providers krebsonsecurity.com/2019/08/phishers-are-angling-for-your-cloud-providers/ Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the clients brand and their customers. Heres a look at a recent CRM-based phishing […]

Read More

Daily NCSC-FI news followup 2020-04-29

Rogue affiliates are running fake antivirus expiration scams www.bleepingcomputer.com/news/security/rogue-affiliates-are-running-fake-antivirus-expiration-scams/ Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale. Microsoft warns of malware surprise pushed via pirated movies www.bleepingcomputer.com/news/security/microsoft-warns-of-malware-surprise-pushed-via-pirated-movies/ […]

Read More

Daily NCSC-FI news followup 2020-12-13

Exclusive: U.S. Treasury breached by hackers backed by foreign government – sources www.reuters.com/article/us-usa-cyber-amazon-com-exclsuive-idUSKBN28N0PG A sophisticated hacking group backed by a foreign government stole information from the U.S. Treasury Department and a U.S. agency responsible for deciding policy around the internet and telecommunications, according to people familiar with the matter. “The United States government is aware […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.