Daily NCSC-FI news followup 2020-05-31

Nettipetoksia tehnyt vangittiin

www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/nettipetoksia_tehnyt_vangittiin_90541?language=fi Petokset ovat olleet enimmäkseen tyypillisiä nettipetoksia, joissa myydään olematonta tavaraa hyväuskoisille ihmisille lähinnä Tori.fi-sivustolla.

Hacker leaks database of dark web hosting provider

www.zdnet.com/article/hacker-leaks-database-of-dark-web-hosting-provider/ “This information could substantially help law enforcement track the individuals running or taking part in illegal activities on these darknet sites, ” Under the Breach told ZDNet.

The zero-day exploits of Operation WizardOpium

securelist.com/the-zero-day-exploits-of-operation-wizardopium/97086/ While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the exploits and vulnerabilities used in this attack.

Cyber-Criminal espionage Operation insists on Italian Manufacturing

yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/ During our Cyber Threat Intelligence monitoring we spotted new malicious activities targeting some Italian companies operating worldwide in the manufacturing sector, some of them also part of the automotive production chain. See also:

unit42.paloaltonetworks.com/aggah-campaign-bit-ly-blogspot-and-pastebin-used-for-c2-in-large-scale-campaign/

Bringing VandaTheGod down to Earth: Exposing the person behind a 7-year hacktivism campaign

research.checkpoint.com/2020/vandathegod/ Since 2013, many official websites belonging to governments worldwide were hacked and defaced by an attacker who self-identified as ‘VandaTheGod.’ Although the websites’ defacement gave VandaTheGod a lot of attention, the attacker’s activity extended beyond that, to stealing credit card details and leaking sensitive personal credentials. However, by closely examining those attacks, we were able to map VandaTheGod’s activity over the years, and eventually uncover the attacker’s real identity.

You might be interested in …

Daily NCSC-FI news followup 2020-05-29

Highly-targeted attacks on industrial sector hide payload in images www.bleepingcomputer.com/news/security/highly-targeted-attacks-on-industrial-sector-hide-payload-in-images/ Attackers looking to steal employee credentials from organizations tied to the industrial sector deployed highly-targeted operations that delivered malicious PowerShell scripts in images. Victims in multiple countries (Japan, the U.K., Germany, Italy) were identified. Some of them supply equipment and software solutions to industrial enterprises. […]

Read More

Daily NCSC-FI news followup 2020-09-28

Researchers Uncover Cyber Espionage Operation Aimed At Indian Army thehackernews.com/2020/09/cyberattack-indian-army.html Cybersecurity researchers uncovered fresh evidence of an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information. Dubbed “Operation SideCopy” by Indian cybersecurity firm Quick Heal, the attacks have been attributed to an […]

Read More

Daily NCSC-FI news followup 2019-06-14

Tietoturvayhtiö varoittaa: Merkit pahasta kyberiskusta näkyvissä www.is.fi/digitoday/tietoturva/art-2000006142010.html Tietoturvayhtiö Check Point yhtyy Microsoftin ja monien asiantuntijoiden kuoroon ja kehottaa vanhojen Windowsien käyttäjiä korjaamaan viimeistään nyt niin sanotun BlueKeep-haavoittuvuuden. The Brussels Times: Cyber-attack causes aircraft parts maker to close indefinitely www.brusselstimes.com/all-news/business/technology/58373/cyber-attack-causes-aircraft-parts-maker-to-close-indefinitely-asco/ According to Data News, Asco has shut down its base in Zaventem, as well as operations […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.