Daily NCSC-FI news followup 2020-04-14

Koronan ja 5g:n yhdistävä salaliittoteoria leviää nyt tukiasemat palavat Hollannissa

www.is.fi/digitoday/mobiili/art-2000006474027.html Tuhopoltoiksi epäillyt tukiasemapalot levisivät Britanniasta Hollantiin.

Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic

thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminalswith no conscience and empathyare continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers.. see also


Oracle Tackles a Massive 405 Bugs for Its April Quarterly Patch Update

threatpost.com/oracle-tackles-405-bugs-for-april-quarterly-patch-update/154737/ Oracle will detail 405 new security vulnerabilities Tuesday, part of its quarterly Critical Patch Update Advisory.. Business software giant Oracle Corp. revealed 286 of those vulnerabilities are remotely exploitable across nearly two dozen product lines.

FBI warns of ongoing COVID-19 scams targeting govt, health care

www.bleepingcomputer.com/news/security/fbi-warns-of-ongoing-covid-19-scams-targeting-govt-health-care/ The U.S. Federal Bureau of Investigation (FBI) warned government agencies and health care organizations of ongoing BEC schemes exploiting the COVID-19 pandemic, as well as an overall increase in cryptocurrency and health care fraud scam activity targeting consumers.

Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines

threatpost.com/cyberattacks-healthcare-orgs-coronavirus-frontlines/154768/ Cybercriminals arent sparing medical professionals, hospitals and healthcare orgs on the frontlines of the coronavirus pandemic when it comes to cyberattacks, ransomware attacks and malware.

Russian state hackers behind San Francisco airport hack

www.zdnet.com/article/russian-state-hackers-behind-san-francisco-airport-hack/ ESET says a Russian hacker group known as Energetic Bear (DragonFly) is behind a hack of two of the airport’s websites.. In a series of tweets today, ESET said that “the targeted information was NOT the visitor’s credentials to the compromised websites, but rather the visitor’s own Windows credentials.”

Microsoft April 2020 Patch Tuesday fixes 4 zero-days, 15 critical flaws

www.bleepingcomputer.com/news/microsoft/microsoft-april-2020-patch-tuesday-fixes-4-zero-days-15-critical-flaws/ With the release of the April 2020 security updates, Microsoft has released fixes for 113 vulnerabilities in Microsoft products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low.. Of particular interest, Microsoft patched four zero-day vulnerabilities, with three of them being seen actively exploited in attacks.

Adobe Fixes Important Flaws in ColdFusion, After Effects and Digital Editions

threatpost.com/adobe-fixes-important-flaws-in-coldfusion-after-effects-and-digital-editions/154780/ While Adobes regularly scheduled security updates were light this month, they fixed important severity vulnerabilities.

US consumers report $12M in COVID-19 scam losses since January

www.bleepingcomputer.com/news/security/us-consumers-report-12m-in-covid-19-scam-losses-since-january/ The U.S. Federal Trade Commission says that approximately $12 million were lost to Coronavirus-related scams according to consumer reports received since January 2020.

RagnarLocker ransomware hits EDP energy giant, asks for 10M

www.bleepingcomputer.com/news/security/ragnarlocker-ransomware-hits-edp-energy-giant-asks-for-10m/ Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or 9.9M).. EDP Group is one of the largest European operators in the energy sector (gas and electricity) and the world’s 4th largest producer of wind energy.

TA505 Continues to Infect Networks With SDBbot RAT

securityintelligence.com/posts/ta505-continues-to-infect-networks-with-sdbbot-rat/ During analysis and comparison of malicious activity on enterprise networks, our team identified attacks likely linked to Hive0065, also known as TA505. We observed that Hive0065 continues to spread the SDBbot remote-access Trojan (RAT) alongside other custom malware and continues to display tactics used against companies within the past year.

TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds

threatpost.com/tiktok-flaw-allows-threat-actors-to-plant-forged-videos-in-user-feeds/154760/ The popular video-sharing appss use of HTTP to download media content instead of a secure protocol could lead to the spread of misinformation on the platform.

Sovelluskaupasta löydettiin yli 30 tilausansan sisältävää suosittua sovellusta tarkista musta lista täältä

www.tivi.fi/uutiset/tv/4c5850c3-066d-4bcb-b2c5-a0cae57edade Tietoturvayhtiö Sophos julkaisi viime viikolla tiedotteen, jonka mukaan yli 3,5 miljoonaa iOS-käyttäjää on asentanut tilausansoja sisältäviä fleeceware-sovelluksia, Techspot kirjoittaa.

With IoT, Common Devices Pose New Threats

www.coalfire.com/The-Coalfire-Blog/April-2020/With-IoT-Common-Devices-Pose-New-Threats Coalfire decided to see how low the barrier was for hackers to attempt to cause life-threatening harm by weaponizing one of todays increasingly common and cheap devices. In this three-part blog post, we will identify the target, uncover challenges, and hopefully answer our query above.

NetWire RAT Targeting Taxpayers is Spreading via Legacy Microsoft Excel 4.0 Macro

www.fortinet.com/blog/threat-research/netwire-rat-targeting-taxpayers-is-spreading-via-legacy-microsoft-excel-4-0-macro.html FortiGuard Labs has observed the NetWire RAT (Remote Access Trojan) spreading widely over the past years. By analyzing NetWire samples, threat researchers have documented that the NetWire RAT focuses on stealing credential information, logging keystrokes, and stealing hardware information including hard drives, network cards, and similar components.

Think you know how to hide info in images?

www.kaspersky.com/blog/how-to-leak-image-info/34875/ We explain how to hide private data in images properly, without making rookie mistakes.

You might be interested in …

Daily NCSC-FI news followup 2019-10-03

Casbaneiro: Dangerous cooking with a secret ingredient www.welivesecurity.com/2019/10/03/casbaneiro-trojan-dangerous-cooking/ Casbaneiro, also known as Metamorfo, is a typical Latin American banking trojan that targets banks and cryptocurrency services in Brazil and Mexico (Figure 1). It uses the social engineering method described in the introduction to our previous article, where fake pop-up windows are displayed. Just a GIF […]

Read More

Daily NCSC-FI news followup 2020-08-30

Major internet outage: Dozens of websites and apps are down edition.cnn.com/2020/08/30/tech/internet-outage-cloudflare/index.html Cloudflare, an internet service that is supposed to keep websites up and running, was down itself Sunday, taking dozens of websites and online services along with it. Hulu, the PlayStation Network, Xbox Live, Feedly, Discord, and dozens of other services reported connectivity problems Sunday […]

Read More

Daily NCSC-FI news followup 2020-04-23

Twitter will remove dubious 5G tweets that could potentially cause harm’ techcrunch.com/2020/04/22/twitter-will-remove-dubious-5g-tweets-that-could-potentially-cause-harm/ “We’re prioritizing the removal of COVID-19 content when it has a call to action that could potentially cause harm, “ First version of Apple and Google’s contact tracing API should be available to developers next week techcrunch.com/2020/04/23/first-version-of-apple-and-googles-contact-tracing-api-should-be-available-to-developers-next-week/ The first version of Apple and […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.