Daily NCSC-FI news followup 2020-02-14

U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies

thehackernews.com/2020/02/united-states-china-huawei.html The US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year.

North Korean Malicious Cyber Activity

www.us-cert.gov/ncas/current-activity/2020/02/14/north-korean-malicious-cyber-activity The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified the following malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users

thehackernews.com/2020/02/chrome-extension-malware.html Google removed 500 malicious Chrome extensions from its Web Store after they were found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that’s been operating at least since January 2019.

LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File

blog.trendmicro.com/trendlabs-security-intelligence/lokibot-impersonates-popular-game-launcher-and-drops-compiled-c-code-file/ Recently, we discovered LokiBot (detected by Trend Micro as Trojan.Win32.LOKI) impersonating a popular game launcher to trick users into executing it on their machines. Further analysis revealed that a sample of this variant employs a quirky installation routine that involves dropping a compiled C# code file.

Report: Iran-backed hackers have carried out attacks on Western universities

yle.fi/uutiset/3-11209244 The hackers have reportedly tried to steal academic literature and learning materials.

Facebook removes ‘foreign interference’ operations from Iran and Russia

www.bbc.com/news/blogs-trending-51493172 Facebook has removed two separate networks of fake accounts originating in Iran and Russia, for “engaging in foreign or government interference”.

Securing the Software Development Supply Chain

blog.paloaltonetworks.com/2020/02/cloud-software-development-supply-chain/

Coronavirus as hackers' bait: spam offering more information about the epidemic spreads malware

www.epressi.com/tiedotteet/tietoturva/koronavirus-hakkereiden-takyna-lisatietoja-epidemiasta-tarjoava-roskaposti-levittaa-haittaohjelmaa.html In addition to fear of the coronavirus, cybercriminals in January actively exploited a vulnerability that is already present in 45 percent of the world's corporate networks, say researchers at the security company Check Point.
