Daily NCSC-FI news followup 2020-02-15

Edes puhelimen nollaus ei auta näin toimii häijy haittaohjelma

www.is.fi/digitoday/tietoturva/art-2000006407633.html Erittäin sitkeä xHelper-haittaohjelma on ihmetyttänyt tietoturvatutkijoita kuukausien ajan, mutta nyt sen salaisuudet ovat vihdoin selvinneet ainakin osittain.

Unknown number of Bluetooth LE devices impacted by SweynTooth vulnerabilities

www.zdnet.com/article/unknown-number-of-bluetooth-le-devices-impacted-by-sweyntooth-vulnerabilities/ BLE software kits from six chipset vendors impacted. More vendor names to be revealed soon.

Suomalaisille soitettu runsaasti väärennettyjä puheluita soittaja esiintyy teknisenä tukena

yle.fi/uutiset/3-11210452 Suomalaisille organisaatioille ja yksityisille henkilöille on tullut tällä viikolla runsaasti puheluita, joissa soittaja esiintyy Microsoftin teknisenä tukena, kertoo Traficomin Kyberturvallisuuskeskus.

The Week in Ransomware – February 14th 2020 – Targeting MSPs

www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-14th-2020-targeting-msps/ The biggest news this week is the discovery that RagnarLocker is targeting MSPs by terminating associated processes before encrypting a computer. This is probably being done to prevent the MSP from detecting and stopping an attack.

www.forbes.com/sites/jasonevangelho/2020/02/15/microsoft-acknowledges-serious-windows-10-update-bug-that-removes-your-files-and-profile Following the most recent Patch Tuesday update (KB4532693), users are complaining that their profiles and desktop files are missing, and that custom icons and wallpaper have all been reset to their default state.. New Windows 10 Update Bug Is Deleting User Data And Preventing Login

Microsoft pulls security update after reports of issues affecting some PCs

www.zdnet.com/article/microsoft-pulls-security-update-after-reports-of-issues-affecting-some-pcs/#ftag=RSSbaffb68 A standalone security update released as part of the February Patch Tuesday cycle has created headaches for some owners of PCs running Windows 10. After investigating reports of those issues, Microsoft has yanked KB4524244 from its update servers.

Koronavirus pudottaa palvelinkauppaa 10 prosenttia

www.tivi.fi/uutiset/tv/a67b4def-e0f7-4f2a-9dbb-41cd288bff6b Palvelinten kysynnässä ei ole mitään vikaa, mutta alan suuri peluri Kiina joutuu ajamaan alas koko tuotantonsa maailmalle levinneen viruksen takia.. DigiTimes on raportoinut, että alle viideosa Kiinan tehdastyöläisistä palasi töihin sikäläisten uuden vuoden lomien jälkeen, joka loppui 25. tammikuuta. Nyt teollisuuden piirissä on päätetty jatkaa pakkolomia kuukaudella

Android saw a 98 percent drop in apps asking for call and text data

www.engadget.com/2020/02/12/android-drop-in-app-call-sms-log-requests Google’s attempts to curb permission abuse appear to be working. the company revealed that there was a 98 percent drop in the number of Play Store apps accessing call log and SMS data in 2019.

You might be interested in …

Daily NCSC-FI news followup 2020-03-29

Source code of Dharma ransomware pops up for sale on hacking forums www.zdnet.com/article/source-code-of-dharma-ransomware-pops-up-for-sale-on-hacking-forums/ The source code of a major ransomware strain named Dharma has been put up for sale on two Russian hacker forums over the weekend.. The FBI, in a talk at the RSA security conference this year, ranked Dharma the second most lucrative […]

Read More

Daily NCSC-FI news followup 2020-12-23

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity us-cert.cisa.gov/ncas/current-activity/2020/12/23/cisa-releases-cisa-insights-and-creates-webpage-ongoing-apt-cyber CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly […]

Read More

Daily NCSC-FI news followup 2020-03-12

Critical Patch Released for ‘Wormable’ SMBv3 Vulnerability Install It ASAP! thehackernews.com/2020/03/patch-wormable-smb-vulnerability.html Microsoft today finally released an emergency software update to patch the recently disclosed very dangerous vulnerability in SMBv3 protocol that could let attackers launch wormable malware, which can propagate itself from one vulnerable computer to another automatically.. see also www.kyberturvallisuuskeskus.fi/fi/kriittinen-haavoittuvuus-microsoftin-smbv3-toteutuksessa 48K Windows Hosts Vulnerable […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.