Daily NCSC-FI news followup 2020-02-15

Edes puhelimen nollaus ei auta näin toimii häijy haittaohjelma

www.is.fi/digitoday/tietoturva/art-2000006407633.html Erittäin sitkeä xHelper-haittaohjelma on ihmetyttänyt tietoturvatutkijoita kuukausien ajan, mutta nyt sen salaisuudet ovat vihdoin selvinneet ainakin osittain.

Unknown number of Bluetooth LE devices impacted by SweynTooth vulnerabilities

www.zdnet.com/article/unknown-number-of-bluetooth-le-devices-impacted-by-sweyntooth-vulnerabilities/ BLE software kits from six chipset vendors impacted. More vendor names to be revealed soon.

Suomalaisille soitettu runsaasti väärennettyjä puheluita soittaja esiintyy teknisenä tukena

yle.fi/uutiset/3-11210452 Suomalaisille organisaatioille ja yksityisille henkilöille on tullut tällä viikolla runsaasti puheluita, joissa soittaja esiintyy Microsoftin teknisenä tukena, kertoo Traficomin Kyberturvallisuuskeskus.

The Week in Ransomware – February 14th 2020 – Targeting MSPs

www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-14th-2020-targeting-msps/ The biggest news this week is the discovery that RagnarLocker is targeting MSPs by terminating associated processes before encrypting a computer. This is probably being done to prevent the MSP from detecting and stopping an attack.

www.forbes.com/sites/jasonevangelho/2020/02/15/microsoft-acknowledges-serious-windows-10-update-bug-that-removes-your-files-and-profile Following the most recent Patch Tuesday update (KB4532693), users are complaining that their profiles and desktop files are missing, and that custom icons and wallpaper have all been reset to their default state.. New Windows 10 Update Bug Is Deleting User Data And Preventing Login

Microsoft pulls security update after reports of issues affecting some PCs

www.zdnet.com/article/microsoft-pulls-security-update-after-reports-of-issues-affecting-some-pcs/#ftag=RSSbaffb68 A standalone security update released as part of the February Patch Tuesday cycle has created headaches for some owners of PCs running Windows 10. After investigating reports of those issues, Microsoft has yanked KB4524244 from its update servers.

Koronavirus pudottaa palvelinkauppaa 10 prosenttia

www.tivi.fi/uutiset/tv/a67b4def-e0f7-4f2a-9dbb-41cd288bff6b Palvelinten kysynnässä ei ole mitään vikaa, mutta alan suuri peluri Kiina joutuu ajamaan alas koko tuotantonsa maailmalle levinneen viruksen takia.. DigiTimes on raportoinut, että alle viideosa Kiinan tehdastyöläisistä palasi töihin sikäläisten uuden vuoden lomien jälkeen, joka loppui 25. tammikuuta. Nyt teollisuuden piirissä on päätetty jatkaa pakkolomia kuukaudella

Android saw a 98 percent drop in apps asking for call and text data

www.engadget.com/2020/02/12/android-drop-in-app-call-sms-log-requests Google’s attempts to curb permission abuse appear to be working. the company revealed that there was a 98 percent drop in the number of Play Store apps accessing call log and SMS data in 2019.

You might be interested in …

Daily NCSC-FI news followup 2020-04-04

Zoomed In: A Look into a Coinminer Bundled with Zoom Installer blog.trendmicro.com/trendlabs-security-intelligence/zoomed-in-a-look-into-a-coinminer-bundled-with-zoom-installer/ We found a Coinminer bundled with the legitimate installer of video conferencing app Zoom, luring users who want to install the software but end up unwittingly downloading a malicious file. The compromised files are not from Zooms official download center, and are assumed […]

Read More

Daily NCSC-FI news followup 2020-09-08

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities www.zdnet.com/article/microsoft-september-2020-patch-tuesday-fixes-129-vulnerabilities/ Twenty critical remote code execution bugs have been patched this month, including in Windows and SharePoint enterprise servers. See also: isc.sans.edu/diary/rss/26544 Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers threatpost.com/critical-adobe-flaws-attackers-javascript-browsers/159026/ Adobe patched 11 bugs overall in its Experience Manager; five of those are rated […]

Read More

Daily NCSC-FI news followup 2020-01-08

No, the US Army isnt drafting you for WWIII by text message www.theverge.com/2020/1/7/21055797/us-army-draft-ww3-scam-text-message-fake On Tuesday, the Army put out a news bulletin alerting the public of fraudulent text messages from people claiming to be recruiters. Some texts tell the person receiving them to head to their local recruiting office for immediate departure to Iran. Others […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.