Daily NCSC-FI news followup 2020-03-22

Remote working safety and security

www.kaspersky.com/blog/remote-work-security/34258/?utm_source=rss&utm_medium=rss&utm_campaign=remote-work-security That makes sense: If companies are to continue functioning, and if your job is location-neutral, staying home reduces the likelihood of catching and transmitting the coronavirus while letting you continue doing your job.

Honeypot – Scanning and Targeting Devices & Services

isc.sans.edu/forums/diary/Honeypot+Scanning+and+Targeting+Devices+Services/25928/ I was curious this week to see if my honeypot traffic would increase since a large portion of the world is working from home. Reviewing my honeypot logs, I decided to check what type of filename was mostly targeted (GET/POST/HEAD) by scanners this past week on any web supported ports (i.e. 80, 81, 8000, etc). This first graph shows overall activity for the past 7 days.

Kyberisku korona-aikana voi olla hengenvaarallinen Suomalaishakkerit tarjoavat apua ilmaiseksi

www.iltalehti.fi/digiuutiset/a/c56d3fb5-d0cd-4138-a023-cc1ca25f1420 Suomeen on perustettu uusi vapaaehtoisorganisaatio KyberVPK, jonka tarkoituksena on auttaa terveydenhuollon toimijoita ja muiden kriittisten toimintojen tuottajia ratkaisemaan kyberuhkia ja ennaltaehkäisemään niitä poikkeuksellisessa tilanteessa. Kolmenkymmenen tietoturva-alan ammattilaisen ja eettisen hakkerin muodostama KyberVPK kertoo auttavansa toimijoita ehkäisemään tietoturvaongelmia, testaa ympäristön turvallisuutta, ratkoo tietoturvapoikkeamia ja auttaa järjestelmien turvallisessa käyttöönotossa ilmaiseksi.

Commission Delivers U.S. Cybersecurity Roadmap

www.govtech.com/blogs/lohrmann-on-cybersecurity/commission-delivers-us-cybersecurity-roadmap.html In the midst of our growing COVID-19 pandemic crisis, a major new U.S. cybersecurity strategy was released by a bipartisan commission on March 11, 2020. This ground-breaking report outlines a strategy to fundamentally reshape the U.S.s approach to cybersecurity and prepare for resiliency and response before a major cyber incident occurs.

You might be interested in …

Daily NCSC-FI news followup 2020-07-28

Älykelloissa käytettävät Garmin-sovellukset toimivat jälleen usean päivän jälkeen yhtiö myöntää olleensa kyberhyökkäyksen kohde yle.fi/uutiset/3-11467797 Muun muassa älykelloja valmistava Garmin myöntää olleensa kyberhyökkäyksen kohteena. Yhtiön mukaan sen sovellukset olivat maanantaina palaamassa jälleen toimintaan usean päiävän käyttökatkon jälkeen. Niiden pitäisi palautua normaaleiksi muutaman päivän kuluessa. Lisäksi www.forbes.com/sites/barrycollins/2020/07/28/garmin-risks-repeat-attack-if-it-paid-10-million-ransom/ ja www.tivi.fi/uutiset/tv/5beb6fe2-dc58-4e3b-9494-0ab3284c8ffd. ja www.bleepingcomputer.com/news/security/garmin-confirms-ransomware-attack-services-coming-back-online/. Lisäksi arstechnica.com/information-technology/2020/07/garmans-four-day-service-meltdown-was-caused-by-ransomware/ ja www.is.fi/digitoday/tietoturva/art-2000006584082.html ja www.zdnet.com/article/garmin-begins-to-restore-garmin-connect-features-services. […]

Read More

Daily NCSC-FI news followup 2020-05-22

Ragnar Locker ransomware deploys virtual machine to dodge security news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/ A new ransomware attack method takes defense evasion to a new leveldeploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine.. […]

Read More

Daily NCSC-FI news followup 2019-10-26

U.N., UNICEF, Red Cross Under Ongoing Mobile Attack threatpost.com/un-unicef-red-cross-mobile-attack/149556/ A smart mobile-first phishing effort uses valid certificates to sign fake Office 365 pages, and logs keystrokes in real time. An ongoing, mobile-focused phishing campaign is targeting the United Nations and several humanitarian aid organizations, including UNICEF, the Red Cross and UN World Food. The campaign […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.