Daily NCSC-FI news followup 2020-03-09

A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn.

threatpost.com/microsoft-exchange-server-flaw-exploited-in-apt-attacks/153527/ Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. If left unpatched, the flaw allows authenticated attackers to execute code remotely with system privileges.. see also

www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys

ENTSO-E: cyber intrusion on its office network

www.fingrid.fi/en/pages/news/news/2020/entso-e-cyber-intrusion-on-its-e-office-network/ European Network of Transmission System Operations for Electricity ENTSO-E has informed that some of their IT systems had been subjected to a security attack.. The attack was not directed against Fingrid or other transmission system operators, and it didn’t have any influence on Fingrids customers or other stakeholders.

Terve epäluulo suojaa parhaiten petosrikoksilta

www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/terve_epaluulo_suojaa_parhaiten_petosrikoksilta_88476?language=fi Rikolliset osaavat häikäilemättä käyttää hyväkseen ihmisten luontaista uskoa hyvään ja toivetta nopeaan vaurastumiseen. Petosrikollisuudelta parhaiten suojaakin usein terve epäluulo.

New Variant of TrickBot Being Spread by Word Document

www.fortinet.com/blog/threat-research/new-variant-of-trickbot-being-spread-by-word-document.html Recently, FortiGuard Labs captured an MS Office Word sample in the wild that is spreading a new variant of TrickBot. I did an analysis on this sample file, and in this post I will explain how it works on the victims machine.

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

threatpost.com/amd-downplays-cpu-threat-opening-chips-to-data-leak-attacks/153516/ New side-channel attacks have been disclosed in AMD CPUs, however AMD said that they are not new.

Check Point chap: Small firms don’t invest in infosec then hope they won’t get hacked. Spoiler alert: They get hacked

www.theregister.co.uk/2020/03/09/check_point_interview/ One vendor’s security controls aren’t enough, says Dan Wiley

Twitter First: Trump Video Retweet Tagged as ‘Manipulated Media’

www.bleepingcomputer.com/news/security/twitter-first-trump-video-retweet-tagged-as-manipulated-media/ For the first time, Twitter has labeled a video as ‘Manipulated Media’ that attempts to portray Joe Biden as stating that Donald Trump should be re-elected.

Top Tips for Secure Remote Working

blog.checkpoint.com/2020/03/09/top-tips-for-secure-remote-working/ Practical tips to enable employees to work safely from home during the Coronavirus outbreak

International Womens Day: awareness of stalkerware, monitoring, and spyware apps on the rise

blog.malwarebytes.com/stalkerware/2020/03/international-womens-day-awareness-of-stalkerware-monitoring-and-spyware-apps-on-the-rise/

Crescendo: Real Time Event Viewer for macOS

www.fireeye.com/blog/threat-research/2020/03/crescendo-real-time-event-viewer-for-macos.html

You might be interested in …

Daily NCSC-FI news followup 2020-05-09

DigitalOcean Data Leak Incident Exposed Some of Its Customers Data thehackernews.com/2020/05/digitalocean-data-breach.html DigitalOcean, one of the biggest modern web hosting platforms, recently hit with a concerning data leak incident that exposed some of its customers’ data to unknown and unauthorized third parties. Though the hosting company has not yet publicly released a statement, it did has […]

Read More

Daily NCSC-FI news followup 2020-03-05

Attackers Taking Advantage of the Coronavirus/COVID-19 Media Frenzy www.fortinet.com/blog/threat-research/attackers-taking-advantage-of-the-coronavirus-covid-19-media-frenzy.html Over the past several weeks, FortiGuard Labs has been observing a significant increase in both legitimate and malicious activity surrounding the Coronavirus.. Threat findings via OSINT channels have yielded multiple themes, such as those appearing to be reports from trusted sources, such as governmental agencies, news […]

Read More

Daily NCSC-FI news followup 2020-05-26

New Zealand introduces Bill to block violent extremist content www.zdnet.com/article/new-zealand-introduces-bill-to-block-violent-extremist-content/ It would make livestreaming of objectionable content a criminal offence, censorship calls will be made immediately, and take-down notices will be backed by law. YK: kyberiskuissa roimaa kasvua supervalta boikotoi kokousta www.tivi.fi/uutiset/tv/b9faeb00-ec81-42a1-ba54-18f88164034f YK varoitti perjantaina kyberrikosten olevan kasvussa koronapandemian aikana. YK:n epävirallisessa turvallisuusneuvoston kokouksessa perjantaina […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.