Daily NCSC-FI news followup 2020-04-11

How Apple and Google Are Enabling Covid-19 Contact-Tracing

www.wired.com/story/apple-google-bluetooth-contact-tracing-covid-19/ The tech giants have teamed up to use a Bluetooth-based framework to keep track of the spread of infections without compromising location privacy.

The Challenge of Proximity Apps For COVID-19 Contact Tracing

www.eff.org/deeplinks/2020/04/challenge-proximity-apps-covid-19-contact-tracing Around the world, a diverse and growing chorus is calling for the use of smartphone proximity technology to fight COVID-19. In particular, public health experts and others argue that smartphones could provide a solution to an urgent need for rapid, widespread contact tracingthat is, tracking who infected people come in contact with as they move through the world.

WooCommerce Falls to Fresh Card-Skimmer Malware

threatpost.com/woocommerce-card-skimmer-malware/154699/ The payment-card stealer differs from typical malware targeting WordPress-based e-commerce environments.

Kun sairaalaan tehtiin tietoturvahyökkäys, se oli viimeinen pisara Mikko Kenttälälle ja muille hakkereille, jotka haluavat käyttää taitojaan hyvään

yle.fi/uutiset/3-11296321 Mikko Kenttälä on kybervapaapalokunnan jäsen. Hän sammuttaa tietoturvan tulipaloja.

Daily NCSC-FI news followup 2020-10-07

BAHAMUT Spies-for-Hire Linked to Extensive Nation-State Activity threatpost.com/bahamut-spies-nation-state/159925/ Researchers uncovered a sophisticated, incredibly well-resourced APT that has its fingers in wide-ranging espionage and disinformation campaigns. QNAP fixes critical flaws that could lead to device takeover www.bleepingcomputer.com/news/security/qnap-fixes-critical-flaws-that-could-lead-to-device-takeover/ QNAP has addressed two critical security vulnerabilities in the Helpdesk app that could enable potential attackers to take over […]

Daily NCSC-FI news followup 2021-03-30

Älä ole hiljaa: 7 syytä, joiden vuoksi verkkorötöksistä kannattaa tehdä rikosilmoitus www.is.fi/digitoday/tietoturva/art-2000007889042.html Kyberrikokset tulisi ilmoittaa poliisille, uusi Kyberrikollisuus on poliisiasia -opas kertoo. Suuri osa kyberrikoksista jää ilmoittamatta poliisille. Tähän tärkeimmät syyt ovat epäröinti käynnistää prosessi esimerkiksi negatiivisen julkisuuden pelossa, pelko omien virheiden paljastumisesta, sekä hyötyjen ja haittojen punnitseminen, johon kuuluu muun muassa uskomus rikollisen kiinni […]

Daily NCSC-FI news followup 2021-04-05

Supply chain attacks: what we know about the SolarWinds Sunburst’ exploit, and why it still matters blog.checkpoint.com/2021/04/05/supply-chain-attacks-what-we-know-about-the-solarwinds-sunburst-exploit-and-why-it-still-matters/ In a press conference, more than 2 months after the incident, the U.S. deputy national security advisor said that investigators were still in the “beginning stages” of understanding the scope and scale of the attack. What makes the […]