Daily NCSC-FI news followup 2020-03-22

Remote working safety and security

www.kaspersky.com/blog/remote-work-security/34258/?utm_source=rss&utm_medium=rss&utm_campaign=remote-work-security That makes sense: If companies are to continue functioning, and if your job is location-neutral, staying home reduces the likelihood of catching and transmitting the coronavirus while letting you continue doing your job.

Honeypot – Scanning and Targeting Devices & Services

isc.sans.edu/forums/diary/Honeypot+Scanning+and+Targeting+Devices+Services/25928/ I was curious this week to see if my honeypot traffic would increase since a large portion of the world is working from home. Reviewing my honeypot logs, I decided to check what type of filename was mostly targeted (GET/POST/HEAD) by scanners this past week on any web supported ports (i.e. 80, 81, 8000, etc). This first graph shows overall activity for the past 7 days.

Kyberisku korona-aikana voi olla hengenvaarallinen Suomalaishakkerit tarjoavat apua ilmaiseksi

www.iltalehti.fi/digiuutiset/a/c56d3fb5-d0cd-4138-a023-cc1ca25f1420 Suomeen on perustettu uusi vapaaehtoisorganisaatio KyberVPK, jonka tarkoituksena on auttaa terveydenhuollon toimijoita ja muiden kriittisten toimintojen tuottajia ratkaisemaan kyberuhkia ja ennaltaehkäisemään niitä poikkeuksellisessa tilanteessa. Kolmenkymmenen tietoturva-alan ammattilaisen ja eettisen hakkerin muodostama KyberVPK kertoo auttavansa toimijoita ehkäisemään tietoturvaongelmia, testaa ympäristön turvallisuutta, ratkoo tietoturvapoikkeamia ja auttaa järjestelmien turvallisessa käyttöönotossa ilmaiseksi.

Commission Delivers U.S. Cybersecurity Roadmap

www.govtech.com/blogs/lohrmann-on-cybersecurity/commission-delivers-us-cybersecurity-roadmap.html In the midst of our growing COVID-19 pandemic crisis, a major new U.S. cybersecurity strategy was released by a bipartisan commission on March 11, 2020. This ground-breaking report outlines a strategy to fundamentally reshape the U.S.s approach to cybersecurity and prepare for resiliency and response before a major cyber incident occurs.

You might be interested in …

Daily NCSC-FI news followup 2020-05-24

Securing smart infrastructure during the COVID-19 pandemic www.enisa.europa.eu/news/enisa-news/securing-smart-infrastructure-in-covid-19-pandemic Securing smart homes and smart buildings from cybersecurity risks becomes more relevant than ever in the light of the COVID-19 pandemic crisis. ENISA presents some fundamental measures for securing smart devices. AgentTesla Delivered via a Malicious PowerPoint Add-In isc.sans.edu/forums/diary/AgentTesla+Delivered+via+a+Malicious+PowerPoint+AddIn/26162/ Attackers are always trying to find new ways […]

Read More

Daily NCSC-FI news followup 2021-08-13

Microsoft Exchange servers are getting hacked via ProxyShell exploits www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-are-getting-hacked-via-proxyshell-exploits/ Threat actors are actively exploiting Microsoft Exchange servers using the ProxyShell vulnerability to install backdoors for later access. ProxyShell is the name of an attack that uses three chained Microsoft Exchange vulnerabilities to perform unauthenticated, remote code execution. Vice Society Leverages PrintNightmare In Ransomware Attacks […]

Read More

Daily NCSC-FI news followup 2020-12-25

SUNBURST Additional Technical Details www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html FireEye has discovered additional details about the SUNBURST backdoor since our initial publication on Dec. 13, 2020. Before diving into the technical depth of this malware, we recommend readers familiarize themselves with our blog post about the SolarWinds supply chain compromise, which revealed a global intrusion campaign by a sophisticated […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.