NCSC-FI News followup

Daily NCSC-FI news followup 2020-04-15

Do your children play on your work computer? It can be a serious security risk, warns F-Secure's Mikko Hyppönen. The likelihood of a data breach increases if personal devices without proper protection are used for work.

Alert (AA20-106A) – Guidance on the North Korean Cyber Threat The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public.

US offers $5 million reward for information on North Korean hackers US says North Korean hackers pose a significant threat to the integrity and stability of the international financial system.

PPE, COVID-19 Medical Supplies Targeted by BEC Scams FBI said that government agencies aiming to buy critical items like ventilators have unknowingly transferred funds to threat actors.

Coronavirus Update App Leads to Project Spy Android and iOS Spyware We discovered a potential cyberespionage campaign, which we have named Project Spy, that infects Android and iOS devices with spyware (detected by Trend Micro as AndroidOS_ProjectSpy.HRX and IOS_ProjectSpy.A, respectively). Project Spy uses the ongoing coronavirus pandemic as a lure, posing as an app called Coronavirus Updates.

These are the coronavirus scams crooks are coming up with now: fake mobile apps, music that protects against the virus, and PDF-file instructions from the boss… Scams are becoming more professional and more convincing, says Cujo AI's Kimmo Kasslin.

Vodafone chief speaks out after 5G conspiracy nuts torch phone mast serving Nightingale Hospital in Brum Vodafone CEO Nick Jeffrey has spoken out after arsonists targeted a phone mast serving the NHS Nightingale Hospital in Birmingham.

Windows computers are under attack, fixes now available. Microsoft released its April security updates on Tuesday. As many as 113 vulnerabilities in 11 of the company's products were patched, but the most important are three Windows vulnerabilities. Attacks against them began before the fixes existed.

Rapid7 launches AttackerKB, a service for crowdsourcing vulnerability assessments Cyber-security company Rapid7 launched today a new web service named AttackerKB, a web portal that crowdsources vulnerability assessments to help companies understand and prioritize which bugs need to be patched before others.

New tool detects AWS intrusions where hackers abuse self-replicating tokens Security firm CyberArk has released a new tool called SkyWrapper that can detect a certain class of intrusions and malicious activity inside AWS (Amazon Web Services) computing environments.

Another day, another Google cull: Chocolate Factory axes 49 malicious Chrome extensions from web store Google has ousted 49 Chrome extensions from its Chrome Web Store because they contained malicious code, a ritual that should be familiar after a decade of purges.

The Shadow IT threat Using services and programs that IT doesn't know about causes problems. We explain how to avoid them.

Microsoft Office security updates may break VBA programs, how to fix Microsoft says that some VBA programs might break after installing the security updates for the CVE-2020-0760 Microsoft Office remote code execution vulnerability released as part of the April 2020 Patch Tuesday.

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic? The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain.

Nemty ransomware operation shuts down The operators of the Nemty ransomware have announced this week they were shutting down their service after ten months in operation, ZDNet has learned from a source in the infosec community.

Extend Your Incident Response Program to DevOps With Security Automation One of the biggest challenges facing security teams when it comes to incident response is complexity. The continual growth in volume and severity of cyberattacks has led to increased business process and technical complexity as different threat vectors have required security leaders to purchase point solutions with unique user interfaces, custom APIs and business logic.

No IOCs? No Problem! Getting a Start Hunting for Malicious Office Files
