Daily NCSC-FI news followup 2020-03-15

CovidLock: Mobile Coronavirus Tracking App Coughs Up Ransomware

www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-up-ransomware Cybercriminals like to exploit people when they are at their most vulnerable. They use dramatic events that cause people to be emotional or fearful to drive their profits. Any time there are major news cycles happening on a topic that stirs a strong reaction, cybercriminals will not be far behind. The Coronavirus is no different. Shortly after the first cases were confirmed, DomainTools’ researchers observed a minor uptick in domain names leveraging Coronavirus and COVID-19. These registrations have peaked significantly in the past few weeks and many of them are scams.

One man lost his life savings in a SIM hack. Here’s how you can try to protect yourself

edition.cnn.com/2020/03/13/tech/sim-hack-million-dollars/index.html Robert Ross was sitting in his San Francisco home office in October 2018 when he noticed the bars on his phone had disappeared and he had no cell coverage. A few hours later, he had lost $1 million. Ross was the victim of a SIM hack, an attack that occurs when hackers take over a victim’s phone number by transferring it to a SIM card they control. By taking over his cellphone number, a hacker was able to gain access to his email address and ultimately his life-savings, Ross said in an interview with CNN Business.

Vesi- ja energialaitosten toiminta halutaan taata myös epidemiatilanteessa varautumisastetta on jo kohotettu

yle.fi/uutiset/3-11257287 Pienet vesilaitokset voivat olla haavoittuvia kriisitilanteessa. Vesilaitokset saivat perjantaina ministeriöiltä ohjeistuksen(siirryt toiseen palveluun), miten turvata vesihuollon toimivuus mahdollisen laajemman koronavirusepidemian aikana. Suurimpana uhkana vesihuollon toimintavarmuudelle pidetään vesihuoltolaitosten henkilökunnan laajamittaista sairastumista.

Data of millions of eBay and Amazon shoppers exposed

nakedsecurity.sophos.com/2020/03/12/data-of-millions-of-ebay-and-amazon-shoppers-exposed/ Researchers have discovered another big database containing millions of European customer records left unsecured on Amazon Web Services (AWS) for anyone to find using a search engine.

You might be interested in …

Daily NCSC-FI news followup 2020-08-20

Emotet palasi kesälomalta ja on jälleen aktiivinen Miten pienennät riskiä ympäristössäsi? blog.f-secure.com/fi/emotet-palasi-kesalomalta-ja-on-jalleen-aktiivinen-miten-pienennat-riskia-ymparistossasi/ Emotet-haittaohjelma on jälleen aktivoitunut rauhallisemman kevään ja kesän jälkeen. Vuodesta 2014 toiminut troijalainen on ollut vaihtelevasti tauolla, mutta jälleen on havaittavissa poikkeuksellisen voimakasta toimintaa.. Kyberturvallisuuskeskus varoitti 18.8.2020 organisaatioita haittaohjelman poikkeuksellisen aktiivisesta leviämisestä suomalaisten organisaatioiden keskuudessa ja uhka on luokiteltu tällä hetkellä vakavaksi Microsoft […]

Read More

Daily NCSC-FI news followup 2020-09-26

ThunderX ransomware silenced with release of a free decryptor www.bleepingcomputer.com/news/security/thunderx-ransomware-silenced-with-release-of-a-free-decryptor/ A decryptor for the ThunderX ransomware has been released by cybersecurity firm Tesorion that lets victims recover their files for free. When coffee makers are demanding a ransom, you know IoT is screwed arstechnica.com/information-technology/2020/09/how-a-hacker-turned-a-250-coffee-maker-into-ransom-machine/ Watch along as hacked machine grinds, beeps, and spews water. Threat […]

Read More

Daily NCSC-FI news followup 2021-05-27

Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices www.fireeye.com/blog/threat-research/2021/05/updates-on-chinese-apt-compromising-pulse-secure-vpn-devices.html In April, Mandiant published information about Pulse Secure devices, in this blog post they update the findings and provide recommendations to defenders APT hackers breached US local govt by exploiting Fortinet bugs www.bleepingcomputer.com/news/security/fbi-apt-hackers-breached-us-local-govt-by-exploiting-fortinet-bugs/ FBI: As of at least May 2021, an APT actor group […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.