Daily NCSC-FI news followup 2020-03-27

Best password managers for business in 2020: 1Password, Keeper, LastPass, and more

www.zdnet.com/article/best-password-managers/ Everyone needs a password manager. Period, full stop. It’s the only possible way to maintain unique, hard-to-guess credentials for every secure site you, your family members, and your team access daily.

Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics

www.zdnet.com/article/booz-allen-analyzed-200-russian-hacking-operations-to-better-understand-their-tactics/ Booz Allen Hamilton, the largest private contractor for the US intelligence community, has published a comprehensive report this week detailing 15 years (2004 to 2019) of cyber operations carried out by Russia’s military hackers.. Alkuperäinen raportti:

www.boozallen.com/c/insight/publication/the-logic-behind-russian-military-cyber-operations.html

Identifying vulnerabilities and protecting you from phishing

blog.google/technology/safety-security/threat-analysis-group/identifying-vulnerabilities-and-protecting-you-phishing/ Googles Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and the people who use our products. Following our November update, today were sharing the latest insights to fight phishing, and for security teams, providing more details about our work identifying attacks against zero-day vulnerabilities

Group-IB: new financially motivated attacks in Western Europe traced to Russian-speaking threat actors

www.group-ib.com/media/silence_ta505_attacks_in_europe/ Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected successful attacks in Western Europe carried out in late January 2020. At least two companies operating in pharmaceutical and manufacturing sectors have been affected. Group-IB has immediately contacted the victims upon discovery. The tools used in the attacks were traced to Silence and TA505

Ryuk Ransomware Keeps Targeting Hospitals During the Pandemic

www.bleepingcomputer.com/news/security/ryuk-ransomware-keeps-targeting-hospitals-during-the-pandemic/ The Ryuk Ransomware operators to continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic.

Malicious JavaScript Dropping Payload in the Registry

isc.sans.edu/forums/diary/Malicious+JavaScript+Dropping+Payload+in+the+Registry/25954/ When we speak about “fileless” malware, it means that the malware does not use the standard filesystem to store temporary files or payloads. But they need to write data somewhere in the system for persistence or during the infection phase. If the filesystem is not used, the classic way to store data is to use the registry. Here is an example of a malicious JavaScript code that uses a temporary

You might be interested in …

Daily NCSC-FI news followup 2019-12-01

Data of 21 million Mixcloud users put up for sale on the dark web www.zdnet.com/article/data-of-21-million-mixcloud-users-put-up-for-sale-on-the-dark-web/ A hacker has breached online music streaming service Mixcloud earlier this month, and is now selling the site’s user data online, on a dark web marketplace.. The Mixcloud data is currently sold for a price of $2,000. Short presentation about […]

Read More

Daily NCSC-FI news followup 2019-11-02

Yhdysvallat tutkii TikTok-videosovellusta “Se on vastavakoilu-uhka” yle.fi/uutiset/3-11048631 Yhdysvaltalaissenaattorien mukaan yrityst voitaisiin pakottaa jakamaan tietoja kiinalaisten tiedusteluelinten kanssa. Yhdysvaltain hallinto on alkanut tutkia kiinalaisomisteista TikTok-videosovellusta, kertoi New York Times (siirryt toiseen palveluun)perjantaina. Tutkinnan on mr selvitt, onko sovellus lhettnyt tietoja Kiinaan, kertoo lehti nimettmiin lhteisiin viitaten. Yhdysvaltalaissenaattorit ovat vaatineet selvityst sovelluksesta jo viime kuussa. TikTok on […]

Read More

Daily NCSC-FI news followup 2019-09-15

Attack Landscape H1 2019: IoT, SMB traffic abound blog.f-secure.com/attack-landscape-h1-2019-iot-smb-traffic-abound/ To no ones surprise, internet of things (IoT) device insecurity has emerged as a top concern and top driver of internet attack traffic in the first half of 2019. According to our new report, Attack Landscape H1 2019, which details traffic measured by F-Secures global network […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.