Daily NCSC-FI news followup 2020-05-03

Koronavirustartuntoja jäljittävän sovelluksen testaaminen alkaa Suomessa samalla yhteiseurooppalaisen ratkaisun löytäminen näyttää yhä vaikeammalta

yle.fi/uutiset/3-11332842 Koronavirustartuntojen jäljittävän puhelinsovelluksen testaaminen käynnistyy tässä kuussa Suomessa. Vaasan keskussairaalassa toteutettavassa pilottihankkeessa selvitetään, miten hyvin puhelimien Bluetooth-teknologia selviää lähikontaktien kartoituksesta. Sosiaali- ja terveysministeriö on arvioinut, että altistumisia jäljittävä sovellus voisi olla käytettävissä kesäkuussa.

Levittääkö 5G-säteily koronavirusta ja onko se uhka lasten terveydelle? näin STUK vastaa 9 somesta löytyvään väitteeseen 5G:n vaaroista

yle.fi/uutiset/3-11316936 Pelko mobiiliyhteyksiä varten rakennettavaa 5G-verkkoa kohtaan on muuttunut toiminnaksi eri puolilla maailmaa. Esimerkiksi Isossa-Britanniassa, Hollannissa ja Ruotsissa on poltettu useita 5G-tukiasemia osittain siksi, että niiden uskotaan edesauttavan koronaviruksen leviämistä. Vastuu mobiiliverkkojen turvallisuudesta on teleoperaattoreilla. Turvallisuusasioita valvova viranomainen on Suomessa Säteilyturvakeskus. Keräsimme verkosta 5G-verkkoon ja teknologiaan liittyviä väitteitä ja pyysimme niihin vastaukset STUK:n Ionisoimattoman säteilyn valvontayksikön laboratorionjohtaja Pasi Orreveteläiseltä.

Home affairs data breach may have exposed personal details of 700, 000 migrants

www.theguardian.com/technology/2020/may/03/home-affairs-data-breach-may-have-exposed-personal-details-of-700000-migrants Privacy experts have blasted the home affairs department for a data breach revealing the personal details of 774, 000 migrants and people aspiring to migrate to Australia, including partial names and the outcome of applications.

Malware analysis: nspps, a Go RAT/Backdoor

ironnet.com/blog/malware-analysis-nspps-a-go-rat-backdoor/ Recent compromises of specific Citrix products via the CVE-2019-19781 vulnerability have been brought to light recently by the public exposure of several of the associated malicious software components involved in those events. A trusted partner provided IronNet Threat Research with a copy of one of those components in isolation, a binary that appears to be a userspace remote access tool (RAT) or backdoor written in Go (a.k.a. “golang”), and built for use upon FreeBSD targets. It is a fully featured utility, and would be a suitable first stage for deployment via the exploitation scenario, though we weren’t afforded endpoint details from the intrusion that might confirm that.

Hackers breach LineageOS servers via unpatched vulnerability

www.zdnet.com/article/hackers-breach-lineageos-servers-via-unpatched-vulnerability/#ftag=RSSbaffb68 Hackers have gained access to the core infrastructure of LineageOS, a mobile operating system based on Android, used for smartphones, tablets, and set-top boxes. The intrusion took place last night, on Saturday, at around 8 pm (US Pacific coast), and was detected before the attackers could do any harm, the LineageOS team said in a statement published less than three hours after the incident. LineageOS developers said the hack took place after the attacker used an unpatched vulnerability to breach its Salt installation.

Ghost blogging platform suffers security breach

www.grahamcluley.com/ghost-blogging-platform-suffers-security-breach/ The open-source blogging platform Ghost has suffered a serious security scare, no doubt sending shivers down the spines of some of its users. In a later update on the security breach, Ghost said that its investigations had determined that attackers had exploited a critical vulnerability in Salt, the open-source software used by data centers and cloud servers, in an attempt to mine cryptocurrency on its servers. also: status.ghost.org/incidents/tpn078sqk973

Canadians have lost more than $1.2 million to COVID-19 scams

www.cbc.ca/news/politics/covid-scams-fraud-crime-1.5551294 Jeff Thomson of the Canadian Anti-Fraud Centre said the centre has received 739 reports since March 6 of attempts to defraud Canadians with scams related to the pandemic. He said 178 of those attempts succeeded. The centre is also seeing attempts to use the pandemic as cover to infect computers with malware.

Love Bug’s creator tracked down to repair shop in Manila

www.bbc.com/news/technology-52458765 The man behind the world’s first major computer virus outbreak has admitted his guilt, 20 years after his software infected millions of machines worldwide.

You might be interested in …

Daily NCSC-FI news followup 2020-05-28

Counter Threat Unit Researchers Publish Threat Group Definitions www.secureworks.com/blog/counter-threat-unit-researchers-publish-threat-group-definitions Today, the Secureworks® Counter Threat Unit (CTU) research team began publishing Threat Group profiles on the Secureworks website. The profiles include a summary of the groups, their objectives, other aliases by which the groups are known, and the malware they use. Both criminal and government-sponsored Threat […]

Read More

Daily NCSC-FI news followup 2020-08-14

NSA and FBI Cybersecurity Advisory – Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF Drovorub is a Linux malware toolset consisting of an implant coupled with a kernel module rootkit, a file transfer and port forwarding tool, and a Command and Control (C2) server. When deployed on a victim machine, the Drovorub implant […]

Read More

Daily NCSC-FI news followup 2021-02-04

Cybersecurity firm Stormshield hacked. Data (including source code) stolen grahamcluley.com/cybersecurity-firm-stormshield-hacked-data-including-source-code-stolen/ French cybersecurity firm Stormshield has revealed that it has suffered a security breach, and hackers have accessed sensitive information. The company, which is a major provider to the French government, says that a hacker managed to steal data after gaining access to a portal used […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.