Daily NCSC-FI news followup 2020-04-14

Conspiracy theory linking coronavirus and 5G spreads: base stations now burning in the Netherlands

www.is.fi/digitoday/mobiili/art-2000006474027.html Base station fires suspected to be arson have spread from Britain to the Netherlands.

Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic

thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminals, with no conscience and empathy, are continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers.


Oracle Tackles a Massive 405 Bugs for Its April Quarterly Patch Update

threatpost.com/oracle-tackles-405-bugs-for-april-quarterly-patch-update/154737/ Oracle will detail 405 new security vulnerabilities Tuesday, part of its quarterly Critical Patch Update Advisory. Business software giant Oracle Corp. revealed 286 of those vulnerabilities are remotely exploitable across nearly two dozen product lines.

FBI warns of ongoing COVID-19 scams targeting govt, health care

www.bleepingcomputer.com/news/security/fbi-warns-of-ongoing-covid-19-scams-targeting-govt-health-care/ The U.S. Federal Bureau of Investigation (FBI) warned government agencies and health care organizations of ongoing BEC schemes exploiting the COVID-19 pandemic, as well as an overall increase in cryptocurrency and health care fraud scam activity targeting consumers.

Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines

threatpost.com/cyberattacks-healthcare-orgs-coronavirus-frontlines/154768/ Cybercriminals aren't sparing medical professionals, hospitals and healthcare orgs on the frontlines of the coronavirus pandemic when it comes to cyberattacks, ransomware attacks and malware.

Russian state hackers behind San Francisco airport hack

www.zdnet.com/article/russian-state-hackers-behind-san-francisco-airport-hack/ ESET says a Russian hacker group known as Energetic Bear (DragonFly) is behind a hack of two of the airport’s websites. In a series of tweets today, ESET said that “the targeted information was NOT the visitor’s credentials to the compromised websites, but rather the visitor’s own Windows credentials.”

Microsoft April 2020 Patch Tuesday fixes 4 zero-days, 15 critical flaws

www.bleepingcomputer.com/news/microsoft/microsoft-april-2020-patch-tuesday-fixes-4-zero-days-15-critical-flaws/ With the release of the April 2020 security updates, Microsoft has released fixes for 113 vulnerabilities in Microsoft products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low. Of particular interest, Microsoft patched four zero-day vulnerabilities, with three of them being seen actively exploited in attacks.

Adobe Fixes Important Flaws in ColdFusion, After Effects and Digital Editions

threatpost.com/adobe-fixes-important-flaws-in-coldfusion-after-effects-and-digital-editions/154780/ While Adobe's regularly scheduled security updates were light this month, they fixed important-severity vulnerabilities.

US consumers report $12M in COVID-19 scam losses since January

www.bleepingcomputer.com/news/security/us-consumers-report-12m-in-covid-19-scam-losses-since-january/ The U.S. Federal Trade Commission says that approximately $12 million were lost to Coronavirus-related scams according to consumer reports received since January 2020.

RagnarLocker ransomware hits EDP energy giant, asks for €10M

www.bleepingcomputer.com/news/security/ragnarlocker-ransomware-hits-edp-energy-giant-asks-for-10m/ Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or €9.9M). EDP Group is one of the largest European operators in the energy sector (gas and electricity) and the world’s 4th largest producer of wind energy.

TA505 Continues to Infect Networks With SDBbot RAT

securityintelligence.com/posts/ta505-continues-to-infect-networks-with-sdbbot-rat/ During analysis and comparison of malicious activity on enterprise networks, our team identified attacks likely linked to Hive0065, also known as TA505. We observed that Hive0065 continues to spread the SDBbot remote-access Trojan (RAT) alongside other custom malware and continues to display tactics used against companies within the past year.

TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds

threatpost.com/tiktok-flaw-allows-threat-actors-to-plant-forged-videos-in-user-feeds/154760/ The popular video-sharing app's use of HTTP to download media content instead of a secure protocol could lead to the spread of misinformation on the platform.

More than 30 popular apps containing subscription traps found in the app store: check the blacklist here

www.tivi.fi/uutiset/tv/4c5850c3-066d-4bcb-b2c5-a0cae57edade Security company Sophos published a release last week according to which more than 3.5 million iOS users have installed fleeceware apps containing subscription traps, Techspot writes.

With IoT, Common Devices Pose New Threats

www.coalfire.com/The-Coalfire-Blog/April-2020/With-IoT-Common-Devices-Pose-New-Threats Coalfire decided to see how low the barrier was for hackers to attempt to cause life-threatening harm by weaponizing one of today's increasingly common and cheap devices. In this three-part blog post, we will identify the target, uncover challenges, and hopefully answer our query above.

NetWire RAT Targeting Taxpayers is Spreading via Legacy Microsoft Excel 4.0 Macro

www.fortinet.com/blog/threat-research/netwire-rat-targeting-taxpayers-is-spreading-via-legacy-microsoft-excel-4-0-macro.html FortiGuard Labs has observed the NetWire RAT (Remote Access Trojan) spreading widely over the past years. By analyzing NetWire samples, threat researchers have documented that the NetWire RAT focuses on stealing credential information, logging keystrokes, and stealing hardware information including hard drives, network cards, and similar components.

Think you know how to hide info in images?

www.kaspersky.com/blog/how-to-leak-image-info/34875/ We explain how to hide private data in images properly, without making rookie mistakes.
