Daily NCSC-FI news followup 2020-02-19

ISS: Security incident impacting parts of the IT environment

www.fi.issworld.com/ On 17 February 2020, ISS was the target of a malware attack. As a precautionary measure and as part of our standard operating procedure, we immediately disabled access to shared IT services across our sites and countries, which ensured the isolation of the incident.

Dharma Ransomware Attacks Italy in New Spam Campaign

www.bleepingcomputer.com/news/security/dharma-ransomware-attacks-italy-in-new-spam-campaign/ Security researchers JAMESWT, TG Soft, and reecDeep all noticed a new spam campaign today that is infecting users with the Ursniff keylogger or the Dharma Ransomware.

Swiss Govt Says Ransomware Victims Ignored Warnings, Had Poor Security

www.bleepingcomputer.com/news/security/swiss-govt-says-ransomware-victims-ignored-warnings-had-poor-security/ Switzerlands Reporting and Analysis Centre for Information Assurance (MELANI) today warned of ongoing ransomware attacks targeting the systems of Swiss small, medium-sized, and large companies.

The BlackBerry Cylance 2020 Threat Report

threatvector.cylance.com/en_us/home/the-blackberry-cylance-2020-threat-report.html Key topics discussed in the report: Continued evolution of ransomware tactics that include the increased availability of Ransomware-as-a-Service (RaaS) offerings, and instances where ransomware developers have collaborated with banking Trojan developers to exfiltrate data prior to encryption to be used to further extort victims.

Dozens Of Fake Help Desk Phone Numbers Seized In Fraud Investigation

nltimes.nl/2020/02/19/dozens-fake-help-desk-phone-numbers-seized-fraud-investigation The Netherlands’ authority on consumers and markets ACM and Dutch telecom providers together revoked 100 numbers that where used for fake help desks to scam people, ACM announced on Wednesday.

Hackers Were Inside Citrix for Five Months

krebsonsecurity.com/2020/02/hackers-were-inside-citrix-for-five-months/ Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords.

You might be interested in …

Daily NCSC-FI news followup 2020-01-20

Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0 www.bleepingcomputer.com/news/security/citrix-patches-cve-2019-19781-flaw-in-citrix-adc-111-and-120/ Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution.. Besides releasing these permanent fixes for the CVE-2019-19781 flaw, Citrix also says […]

Read More

Daily NCSC-FI news followup 2021-02-28

Bombardier Blindsided By Extortion Threat After Hackers Breach Server www.forbes.com/sites/leemathews/2021/02/27/bombardier-blindsided-by-extortion-threat-after-hackers-breach-server/ It seems likely that the attackers intent was never to launch a more sophisticated and lucrative attack. Instead they sought to use a fresh exploit to hit as many Accellion FTA customers as quickly as possible. A 2020 Go Malware Round-Up www.intezer.com/wp-content/uploads/2021/02/Intezer-2020-Go-Malware-Round-Up.pdf In the last […]

Read More

Daily NCSC-FI news followup 2021-06-04

Tekstiviestitse levitettävät Android-haittaohjelmat www.kyberturvallisuuskeskus.fi/fi/tekstiviestitse-levitettavat-android-haittaohjelmat Pakettiteemaisia huijausviestejä lähettävä FluBot-kampanja on aktivoitunut Suomessa. Kyberturvallisuuskeskukselle tulleiden ilmoitusten perusteella suomen kielellä kirjoitettuja huijausviestejä lähetetään tällä hetkellä arviolta tuhansille suomalaisille. Lisäksi: yle.fi/uutiset/3-11966491. Lisäksi: www.is.fi/digitoday/tietoturva/art-2000008027889.html. Lisäksi: www.epressi.com/tiedotteet/logistiikka-ja-liikenne/android-haittaohjelmat-leviavat-tekstiviestitse.html Exclusive: U.S. to give ransomware hacks similar priority as terrorism www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/ The U.S. Department of Justice is elevating investigations of ransomware attacks to a […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.