Daily NCSC-FI news followup 2020-04-15

Pelaavatko lapset työkoneellasi? Se voi olla vakava tietoturvariski, varoittaa F-Securen Mikko Hyppönen

yle.fi/uutiset/3-11293842 Tietomurron mahdollisuus kasvaa, mikäli työntekoon käytetään omia laitteita ilman kunnon suojausta.

Alert (AA20-106A) – Guidance on the North Korean Cyber Threat

www.us-cert.gov/ncas/alerts/aa20-106a The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public.

US offers $5 million reward for information on North Korean hackers

www.zdnet.com/article/us-offers-5-million-reward-for-information-on-north-korean-hackers/ US says North Korean hackers pose a significant threat to the integrity and stability of the international financial system.

PPE, COVID-19 Medical Supplies Targeted by BEC Scams

threatpost.com/ppe-covid-19-medical-supplies-bec-scams/154806/ FBI said that government agencies aiming to buy critical items like ventilators have unknowingly transferred funds to threat actors.

Coronavirus Update App Leads to Project Spy Android and iOS Spyware

blog.trendmicro.com/trendlabs-security-intelligence/coronavirus-update-app-leads-to-project-spy-android-and-ios-spyware/ We discovered a potential cyberespionage campaign, which we have named Project Spy, that infects Android and iOS devices with spyware (detected by Trend Micro as AndroidOS_ProjectSpy.HRX and IOS_ProjectSpy.A, respectively). Project Spy uses the ongoing coronavirus pandemic as a lure, posing as an app called Coronavirus Updates.

Tällaisia koronahuijauksia konnat keksivät nyt: valemobiilisovelluksia, virukselta suojaavaa musiikkia ja pdf-tiedostoille ohjeita pomolta…

www.tivi.fi/uutiset/tv/0411428c-ed46-42d3-ac84-512c4c24a60a Huijaukset ovat muuttumassa entistä ammattimaisemmiksi ja uskottavammiksi, kertoo Cujo AI:n Kimmo Kasslin.

Vodafone chief speaks out after 5G conspiracy nuts torch phone mast serving Nightingale Hospital in Brum

www.theregister.co.uk/2020/04/15/vodafone_chief_speaks_out_birmingham_phone_mast_torched/ Vodafone CEO Nick Jeffrey has spoken out after arsonists targeted a phone mast serving the NHS Nightingale Hospital in Birmingham.

Windows-tietokoneisiin hyökätään korjaukset nyt jaossa

www.is.fi/digitoday/tietoturva/art-2000006475337.html Microsoft julkaisi tiistaina huhtikuun tietoturvakorjaukset. Paikkauksen sai kaikkiaan jopa 113 haavoittuvuutta 11:ssä yhtiön tuotteessa, mutta tärkeimpiä ovat kolme Windowsin haavoittuvuutta. Niihin on alettu hyökätä ennen korjausten olemassaoloa.

Rapid7 launches AttackerKB, a service for crowdsourcing vulnerability assessments

www.zdnet.com/article/rapid7-launches-attackerkb-a-service-for-crowdsourcing-vulnerability-assessments/ Cyber-security company Rapid7 launched today a new web service named AttackerKB, a web portal that crowdsources vulnerability assessments to help companies understand and prioritize which bugs need to be patched before others.

New tool detects AWS intrusions where hackers abuse self-replicating tokens

www.zdnet.com/article/new-tool-detects-aws-intrusions-where-hackers-abuse-self-replicating-tokens/ Security firm CyberArk has released a new tool called SkyWrapper that can detect a certain class of intrusions and malicious activity inside AWS (Amazon Web Services) computing environments.

Another day, another Google cull: Chocolate Factory axes 49 malicious Chrome extensions from web store

www.theregister.co.uk/2020/04/15/google_malicious_chrome/ Google has ousted 49 Chrome extensions from its Chrome Web Store because they contained malicious code, a ritual that should be familiar after a decade of purges.

The Shadow IT threat

www.kaspersky.com/blog/shadow-it-as-a-threat/34938/ Using services and programs that IT doesnt know about causes problems. We explain how to avoid them.

Microsoft Office security updates may break VBA programs, how to fix

www.bleepingcomputer.com/news/microsoft/microsoft-office-security-updates-may-break-vba-programs-how-to-fix/ Microsoft says that some VBA programs might break after installing the security updates for the CVE-2020-0760 Microsoft Office remote code execution vulnerability released as part of the April 2020 Patch Tuesday.

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

krebsonsecurity.com/2020/04/covid-19-has-united-cybersecurity-experts-but-will-that-unity-survive-the-pandemic/ The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain.

Nemty ransomware operation shuts down

www.zdnet.com/article/nemty-ransomware-operation-shuts-down/ The operators of the Nemty ransomware have announced this week they were shutting down their service after ten months in operation, ZDNet has learned from a source in the infosec community.

Extend Your Incident Response Program to DevOps With Security Automation

securityintelligence.com/posts/extend-your-incident-response-program-to-devops-with-security-automation/ One of the biggest challenges facing security teams when it comes to incident response is complexity. The continual growth in volume and severity of cyberattacks has led to increased business process and technical complexity as different threat vectors have required security leaders to purchase point solutions with unique user interfaces, custom APIs and business logic.

No IOCs? No Problem! Getting a Start Hunting for Malicious Office Files


You might be interested in …

Daily NCSC-FI news followup 2020-05-17

Who Controls Huawei? [PDF] www.ui.se/globalassets/butiken/ui-paper/2020/ui-paper-no.-5-2020.pdf = EU member states should adopt a unitary interpretation of the toolbox. A complete ban on Huawei from the rollout of European 5G might not be necessary, but the EU and its member states should strive for a significant reduction in Huaweis market share. Putin Is Well on His Way […]

Read More

Daily NCSC-FI news followup 2020-03-16

Coronavirus-themed phishing attacks and hacking campaigns are on the rise www.zdnet.com/article/coronavirus-themed-phishing-attacks-and-hacking-campaigns-are-on-the-rise/ Opportunist crooks are exploiting coronavirus as part of their phishing attacks, malware, ransomware and more. The National Cyber Security Centre (NCSC) is warning that criminals are looking to exploit the spread of coronavirus to conduct cyberattacks and hacking campaigns. Experts at the NCSC the […]

Read More

Daily NCSC-FI news followup 2020-08-17

Hackers Stole 1 Terabyte Of Data From Billion-Dollar U.S. Liquor Maker www.forbes.com/sites/leemathews/2020/08/17/brown-forman-hacked-1tb-data-stolen/ The REvil ransomware gang has struck again. This time the victim is Brown-Forman, the 150-year-old Kentucky-based company behind such brands as Jack Daniels, Finlandia vodka and Korbel champagne.. see also www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/ Tea at the Ritz soured by credit card scammers www.bbc.co.uk/news/technology-53793922 Diners at […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.