Daily NCSC-FI news followup 2020-04-03

A hacker has wiped, defaced more than 15,000 Elasticsearch servers

www.zdnet.com/article/a-hacker-has-wiped-defaced-more-than-15000-elasticsearch-servers/ For the past two weeks, a hacker has been breaking into Elasticsearch servers that have been left open on the internet without a password and attempting to wipe their content, while also leaving the name of a cyber-security firm behind, trying to divert blame.

A Quick Look at the Confidentiality of Zoom Meetings

citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/ This report examines the encryption that protects meetings in the popular Zoom teleconference app. We find that Zoom has rolled their own encryption scheme, which has significant weaknesses. In addition, we identify potential areas of concern in Zoom's infrastructure, including observing the transmission of meeting encryption keys through China.

Europol report on cybercrime and disinformation amid the COVID-19 pandemic

www.europol.europa.eu/newsroom/news/catching-virus During the COVID-19 pandemic, criminals have been quick to seize opportunities to exploit the crisis by adapting their modi operandi and engaging in new criminal activities. Cybercriminals have been among the most adept at exploiting the pandemic. The threat from cybercrime activities during the crisis is dynamic and has the potential to increase further. With a record number of potential victims staying at home and using online services across the EU, the ways for cybercriminals seeking to exploit emerging opportunities and vulnerabilities have multiplied. Report at

www.europol.europa.eu/sites/default/files/documents/catching_the_virus_cybercrime_disinformation_and_the_covid-19_pandemic_0.pdf

Thousands of Zoom video calls left exposed on open Web

www.washingtonpost.com/technology/2020/04/03/thousands-zoom-video-calls-left-exposed-open-web/ The problem is not exclusive to Zoom video or Amazon storage. But in designing their service, Zoom's engineers bypassed some common security features of other video-chat programs, such as requiring people to use a unique file name before saving their own clips. That style of operating simplicity has powered Zoom to become the most popular video-chat application in the United States, but it has also frustrated some security researchers who believe such shortcuts can leave users more vulnerable to hacks or abuse.

Supo: Prolonged state of emergency may increase threats to national security; remote work also poses its own risk

yle.fi/uutiset/3-11288420?origin=rss Supo rarely gives guidance directly to citizens, but amid the coronavirus situation it is sending a message to home offices. Now would be a good time to remember information security.

Exceptionally skilled scammers demand fake payments in Posti's name; the bill can arrive in a genuine message thread

yle.fi/uutiset/3-11290792?origin=rss The text-message scam can arrive on the phone in the same message thread, and seemingly from the same sender, as genuine arrival notification messages.

Harden Your Zoom Settings to Protect Your Privacy and Avoid Trolls

www.eff.org/deeplinks/2020/04/harden-your-zoom-settings-protect-your-privacy-and-avoid-trolls In the meantime, take these steps to harden your Zoom privacy settings and protect your meetings from Zoombombing trolls. The settings below are all separate, which means you don't need to change them all, and you don't need to change them in any particular order. Consider which settings make sense for you and the groups you communicate with, and do your best to make sure meeting organizers and participants are on the same page about settings and shared expectations.
