Daily NCSC-FI news followup 2020-06-01

Postin nimissä käynnissä kolme huijausta, yksi on erityisen häijy – numerostasi lähetetään viestejä

www.is.fi/digitoday/tietoturva/art-2000006523529.html Oikeissa Postin viesteissä ei pääsääntöisesti ole linkkejä. Jos seuraat linkkiä verkkosivulle, tarkista sen osoite osoiteriviltä. Väärien sivujen osoitteet eivät usein muistuta juuri lainkaan aitoa osoitetta. Suhtaudu varauksella kaikkiin viesteihin, joissa sinulta pyydetään maksua tai sinun halutaan kirjautuvan jonnekin pankkitunnuksillasi. Katso myös:

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/saitko-tekstiviestin-postin-nimissa-varothan-viesti-voi-olla-huijaus

Cisco security breach hits corporate servers that ran unpatched software (Salt stack)

arstechnica.com/information-technology/2020/05/cisco-security-breach-hits-corporate-servers-that-ran-unpatched-software/ Six servers Cisco uses to provide a virtual networking service were compromised by hackers who exploited critical flaws contained in unpatched versions of Salt management framework, the company disclosed on Thursday.

Joomla data breach leaks 2, 700 user records via exposed backups

www.bleepingcomputer.com/news/security/joomla-data-breach-leaks-2-700-user-records-via-exposed-backups/ A Joomla database leak has exposed the personal information, including hashed passwords, of 2, 700 individuals registered on the Joomla Resources Directory (JRD).

REvil ransomware gang publishes ‘Elexon staff’s passports’ after UK electrical middleman shrugs off attack

www.theregister.com/2020/06/01/elexon_ransomware_was_revil_sodinokibi/ It appears the company shrugged off the ransomware attack and simply rebuilt its IT infrastructure from backups, ignoring the criminals’ demands to pay them lots of money. As a response the stolen data was published on REvil’s Tor webpage as a cache of 1, 280 files, which we understand include documents that appeared to be passports of Elexon staff members and an apparent business insurance application form.

Vulnerability Summary for the Week of May 25, 2020

www.us-cert.gov/ncas/bulletins/sb20-153 The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

This Bot Hunts Software Bugs for the Pentagon

www.wired.com/story/bot-hunts-software-bugs-pentagon/ Mayhem emerged from a 2016 government-sponsored contest at a Las Vegas casino hotel. Now it’s used by the military. Other bugs found by Mayhem include one discovered earlier this year in the OpenWRT software used in millions of networking devices.

Office 365 to give detailed info on malicious email attachments

www.bleepingcomputer.com/news/security/office-365-to-give-detailed-info-on-malicious-email-attachments/ Microsoft will provide Office 365 Advanced Threat Protection (ATP) users with more details on malware samples and malicious URLs discovered following detonation. “We’re working to reveal more of the details that led to a malicious verdict when URLs or files are detonated in Office 365 ATP, ” the new feature’s Microsoft 365 roadmap entry reads.

Here are the new security features in Windows 10 2004

www.bleepingcomputer.com/news/microsoft/here-are-the-new-security-features-in-windows-10-2004/ Windows 10’s May 2020 Update is rolling out to seekers, and it comes with new security features that offer better malware protection, easier logins, and stronger encryption for your wireless connections.

You might be interested in …

Daily NCSC-FI news followup 2021-06-01

Ruotsi ja Norja vaativat Tanskalta selvitystä vakoiluväitteistä yle.fi/uutiset/3-11955732 Mediatietojen mukaan Tanskan puolustusministeri olisi tiennyt jo viime elokuussa, että Yhdysvaltain Kansallisen turvallisuuden virasto NSA on vakoillut Tanskan kautta useiden liittolaismaiden poliitikkoja ja virkamiehiä. Ruotsin ja Norjan puolustusministerit vaativat Tanskalta selvitystä mediatiedoista, joiden mukaan Yhdysvallat olisi vakoillut Tanskan kautta niiden poliitikkoja ja virkamiehiä, kertoo muun muassa Tanskan […]

Read More

Daily NCSC-FI news followup 2019-11-28

Threat Spotlight: Machete Info-Stealer threatvector.cylance.com/en_us/home/threat-spotlight-machete-info-stealer.html Machete is an info-stealing malware that can harvest user credentials, chat logs, screenshots, webcam pictures, geolocation, and perform keylogging. It can also copy files to a USB device and take control of the clipboard to exfiltrate information. DHS Mandates Federal Agencies to Run Vulnerability Disclosure Policy www.schneier.com/blog/archives/2019/11/dhs_mandates_fe.html The DHS is […]

Read More

Daily NCSC-FI news followup 2021-11-28

North Korean hackers posed as Samsung recruiters to target security researchers therecord.media/north-korean-hackers-posed-as-samsung-recruiters-to-target-security-researchers/ North Korean state-sponsored hackers posed as Samsung recruiters and sent fake job offers to employees at South Korean security companies that sell anti-malware software, Google said this week in the first edition of its new Threat Horizons report. “The emails included a PDF […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.