Daily NCSC-FI news followup 2020-04-15

Do your children play on your work computer? It can be a serious security risk, warns F-Secure's Mikko Hyppönen

yle.fi/uutiset/3-11293842 The likelihood of a data breach grows if personal devices without proper protection are used for work.

Alert (AA20-106A) – Guidance on the North Korean Cyber Threat

www.us-cert.gov/ncas/alerts/aa20-106a The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public.

US offers $5 million reward for information on North Korean hackers

www.zdnet.com/article/us-offers-5-million-reward-for-information-on-north-korean-hackers/ US says North Korean hackers pose a significant threat to the integrity and stability of the international financial system.

PPE, COVID-19 Medical Supplies Targeted by BEC Scams

threatpost.com/ppe-covid-19-medical-supplies-bec-scams/154806/ FBI said that government agencies aiming to buy critical items like ventilators have unknowingly transferred funds to threat actors.

Coronavirus Update App Leads to Project Spy Android and iOS Spyware

blog.trendmicro.com/trendlabs-security-intelligence/coronavirus-update-app-leads-to-project-spy-android-and-ios-spyware/ We discovered a potential cyberespionage campaign, which we have named Project Spy, that infects Android and iOS devices with spyware (detected by Trend Micro as AndroidOS_ProjectSpy.HRX and IOS_ProjectSpy.A, respectively). Project Spy uses the ongoing coronavirus pandemic as a lure, posing as an app called Coronavirus Updates.

These are the coronavirus scams crooks are coming up with now: fake mobile apps, music that protects against the virus and instructions from the boss for PDF files…

www.tivi.fi/uutiset/tv/0411428c-ed46-42d3-ac84-512c4c24a60a Scams are becoming more professional and more convincing than before, says Kimmo Kasslin of Cujo AI.

Vodafone chief speaks out after 5G conspiracy nuts torch phone mast serving Nightingale Hospital in Brum

www.theregister.co.uk/2020/04/15/vodafone_chief_speaks_out_birmingham_phone_mast_torched/ Vodafone CEO Nick Jeffrey has spoken out after arsonists targeted a phone mast serving the NHS Nightingale Hospital in Birmingham.

Windows computers are under attack, fixes now available

www.is.fi/digitoday/tietoturva/art-2000006475337.html Microsoft released its April security fixes on Tuesday. As many as 113 vulnerabilities in 11 of the company's products were patched in total, but the most important are three Windows vulnerabilities. Attacks against them began before the fixes existed.

Rapid7 launches AttackerKB, a service for crowdsourcing vulnerability assessments

www.zdnet.com/article/rapid7-launches-attackerkb-a-service-for-crowdsourcing-vulnerability-assessments/ Cyber-security company Rapid7 launched today a new web service named AttackerKB, a web portal that crowdsources vulnerability assessments to help companies understand and prioritize which bugs need to be patched before others.

New tool detects AWS intrusions where hackers abuse self-replicating tokens

www.zdnet.com/article/new-tool-detects-aws-intrusions-where-hackers-abuse-self-replicating-tokens/ Security firm CyberArk has released a new tool called SkyWrapper that can detect a certain class of intrusions and malicious activity inside AWS (Amazon Web Services) computing environments.

Another day, another Google cull: Chocolate Factory axes 49 malicious Chrome extensions from web store

www.theregister.co.uk/2020/04/15/google_malicious_chrome/ Google has ousted 49 Chrome extensions from its Chrome Web Store because they contained malicious code, a ritual that should be familiar after a decade of purges.

The Shadow IT threat

www.kaspersky.com/blog/shadow-it-as-a-threat/34938/ Using services and programs that IT doesn't know about causes problems. We explain how to avoid them.

Microsoft Office security updates may break VBA programs, how to fix

www.bleepingcomputer.com/news/microsoft/microsoft-office-security-updates-may-break-vba-programs-how-to-fix/ Microsoft says that some VBA programs might break after installing the security updates for the CVE-2020-0760 Microsoft Office remote code execution vulnerability released as part of the April 2020 Patch Tuesday.

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

krebsonsecurity.com/2020/04/covid-19-has-united-cybersecurity-experts-but-will-that-unity-survive-the-pandemic/ The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain.

Nemty ransomware operation shuts down

www.zdnet.com/article/nemty-ransomware-operation-shuts-down/ The operators of the Nemty ransomware have announced this week they were shutting down their service after ten months in operation, ZDNet has learned from a source in the infosec community.

Extend Your Incident Response Program to DevOps With Security Automation

securityintelligence.com/posts/extend-your-incident-response-program-to-devops-with-security-automation/ One of the biggest challenges facing security teams when it comes to incident response is complexity. The continual growth in volume and severity of cyberattacks has led to increased business process and technical complexity as different threat vectors have required security leaders to purchase point solutions with unique user interfaces, custom APIs and business logic.

No IOCs? No Problem! Getting a Start Hunting for Malicious Office Files

