Daily NCSC-FI news followup 2020-04-21

FBI warns of COVID-19 phishing targeting US health providers

www.bleepingcomputer.com/news/security/fbi-warns-of-covid-19-phishing-targeting-us-health-providers/ The U.S. Federal Bureau of Investigation (FBI) today warned of ongoing phishing campaigns targeting US healthcare providers using COVID-19 themed lures to distribute malicious attachments.

2,000 coronavirus scammers taken offline in major phishing crackdown

www.zdnet.com/article/2000-coronavirus-scammers-taken-offline-in-major-phishing-crackdown/ And now cybersecurity authorities want your help with spotting fake and fraud emails.

France asks Apple to relax iPhone security for coronavirus tracking app development

www.zdnet.com/article/france-asks-apple-to-relax-iphone-security-for-coronavirus-tracking-app-development/ A technical issue is stymying the development of a government app for tracing COVID-19.

2 billion phones cannot use Google and Apple contact-tracing tech

arstechnica.com/tech-policy/2020/04/2-billion-phones-cannot-use-google-and-apple-contract-tracing-tech/ The particular kind of Bluetooth “low energy” chips that are used to detect proximity between devices without running down the phone’s battery are absent from a quarter of smartphones in active use globally today, according to analysts at Counterpoint Research. A further 1.5 billion people still use basic or “feature” phones that do not run iOS or Android at all.

Has a dangerous paranoia now landed in Finland too? Police suspect the sea of flames was deliberate sabotage

www.tivi.fi/uutiset/rantautuiko-vaarallinen-vainoharha-nyt-myos-suomeen-poliisi-epailee-liekkimerta-tahalliseksi-tuhotyoksi/e1f752a3-2769-4074-a894-b854b6528ce6 Police suspect that a fire at a telecommunications equipment building in Ostrobothnia was set deliberately. Around the world, several 5G masts have been deliberately set on fire this spring, apparently because of delusions related to the coronavirus, but the police have no information about the perpetrator or motive in the Ostrobothnia case.

Vulnerability Spotlight: Zoom Communications User Enumeration

blog.talosintelligence.com/2020/04/zoom-user-enumeration.html Today, Cisco Talos is disclosing a user enumeration vulnerability in Zoom Communications that could allow a malicious user to obtain a complete list of Zoom users inside a specific organization.

Researcher discloses four IBM zero-days after refusal to fix

www.bleepingcomputer.com/news/security/researcher-discloses-four-ibm-zero-days-after-refusal-to-fix/ Four zero-day vulnerabilities found in an IBM enterprise security software were disclosed today by a security researcher after IBM refused to fix them and to accept the vulnerability report sent via CERT/CC. The four 0days published today by Pedro Ribeiro, Director of Research at Agile Information Security, on GitHub were discovered in IBM Data Risk Manager (IDRM), a tool designed to help “uncover, analyze and visualize data-related business risks.”

Unpatchable ‘Starbleed’ Bug in FPGA Chips Exposes Critical Devices to Hackers

thehackernews.com/2020/04/fpga-chip-vulnerability.html A newly discovered unpatchable hardware vulnerability in Xilinx programmable logic products could allow an attacker to break bitstream encryption, and clone intellectual property, change the functionality, and even implant hardware Trojans.

Hey there! Are you using WhatsApp? Your account may be hackable

www.welivesecurity.com/2020/04/20/hey-there-using-whatsapp-your-account-hackable/ Can someone take control of your WhatsApp account by just knowing your phone number? We ran a small test to find out. [Tip: Use 2FA]

Exposed Redis Instances Abused for Remote Code Execution, Cryptocurrency Mining


Bad news: Cognizant hit by ransomware gang. Worse: It’s Maze, which leaks victims’ data online after


Hankkija hit by a heavy cyberattack, vital systems out of action

www.tivi.fi/uutiset/tv/f572bf2a-1549-4f17-92fc-ee47cb2ee9d3 Agricultural company Hankkija reports that the information systems of its parent company Danish Agro were attacked on Sunday. Because of system disruptions caused by the attack, which is described as serious, there are disruptions and delays in the delivery and invoicing of Hankkija and Movere products.

Here’s a list of all the ransomware gangs who will steal and leak your data if you don’t pay


Weeks before US oil contract prices went negative, a spear-phishing crew went after oil firms. What did they get?

www.theregister.co.uk/2020/04/21/bitdefender_opec_attacks/ Who wants to know about their biz plans? Someone determined. Also:


Oil and Gas Firms Targeted With Agent Tesla Spyware

threatpost.com/oil-and-gas-agent-tesla-spyware/154973/ Highly targeted spearphishing emails are being sent to oil and gas companies in hopes of infecting them with the Agent Tesla spyware.

Something a bit phishy in your inbox? You can now email suspected frauds straight to Blighty’s web takedown cops

www.theregister.co.uk/2020/04/21/ncsc_email_scam_takedown_address/ The National Cyber Security Centre [of UK] has launched the Suspicious Email Reporting Service: a new email address for reporting scam mails to a government department that might actually do something about it.

Nintendo accounts are getting hacked and used to buy Fortnite currency

www.zdnet.com/article/nintendo-accounts-are-getting-hacked-and-used-to-buy-fortnite-currency/#ftag=RSSbaffb68 Nintendo has recommended that users enable two-factor authentication on their accounts.

New Coronavirus screenlocker malware is extremely annoying

www.bleepingcomputer.com/news/security/new-coronavirus-screenlocker-malware-is-extremely-annoying/ A fake WiFi hacking program is being used to distribute a new Coronavirus-themed malware that tries to lock you out of Windows while making some very annoying sounds.

Mootbot Botnet Targets Fiber Routers with Dual Zero-Days

threatpost.com/mootbot-fiber-routers-zero-days/154962/ Researchers saw several IoT botnets using one of the bugs in the wild after a proof-of-concept was published in March.

Grouping Linux IoT Malware Samples With Trend Micro ELF Hash


Google productises its own not-a-VPN secure remote access tool

www.theregister.co.uk/2020/04/21/google_productises_its_own_not_vpn_beyondcorp/ Zero-trust access to web applications with very fine-grained access controls

Microsoft puts a stop to auto-updates of Azure Service Fabric ‘until further notice’


State-owned company procures a network worth over a hundred million for the authorities: “This is a technology update”

www.tivi.fi/uutiset/tv/b3fef634-484c-402a-98e0-9411d1733b4f According to Timo Lehtimäki, CEO of Suomen Erillisverkot, prioritizing the authorities’ data transmission in the public network is one of the core topics of the Virve 2.0 project.

The Incident Response Challenge 2020 Win $5,000 Prize!

thehackernews.com/2020/04/incident-response-challenge.html Cybersecurity firm Cynet today announced the launch of a first of its kind challenge to enable Incident Response professionals to test their skills with 25 forensic challenges that were built by top researchers and analysts.

New sextortion threat making the rounds

www.zdnet.com/article/new-sextortion-threat-making-the-rounds/ Don’t be surprised or alarmed if a new sextortion scam lands in your inbox. It is as bogus as every other one — and it may be using data from the Ashley Madison hack.

New iOS exploit discovered being used to spy on China’s Uyghur minority

www.zdnet.com/article/new-ios-exploit-discovered-being-used-to-spy-on-chinas-uyghur-minority/ New “Insomnia” exploit works on iOS versions 12.3, 12.3.1, and 12.3.2; was patched in iOS 12.4 last year.
