Daily NCSC-FI news followup 2020-06-01

Three scams are circulating in Posti's name, one is especially nasty – messages are sent from your number

www.is.fi/digitoday/tietoturva/art-2000006523529.html Genuine messages from Posti generally do not contain links. If you follow a link to a web page, check its address in the address bar. The addresses of fake pages often bear hardly any resemblance to the genuine address. Be wary of all messages that ask you for a payment or want you to log in somewhere with your bank credentials. See also:


Cisco security breach hits corporate servers that ran unpatched software (Salt stack)

arstechnica.com/information-technology/2020/05/cisco-security-breach-hits-corporate-servers-that-ran-unpatched-software/ Six servers Cisco uses to provide a virtual networking service were compromised by hackers who exploited critical flaws contained in unpatched versions of Salt management framework, the company disclosed on Thursday.

Joomla data breach leaks 2,700 user records via exposed backups

www.bleepingcomputer.com/news/security/joomla-data-breach-leaks-2-700-user-records-via-exposed-backups/ A Joomla database leak has exposed the personal information, including hashed passwords, of 2,700 individuals registered on the Joomla Resources Directory (JRD).

REvil ransomware gang publishes ‘Elexon staff’s passports’ after UK electrical middleman shrugs off attack

www.theregister.com/2020/06/01/elexon_ransomware_was_revil_sodinokibi/ It appears the company shrugged off the ransomware attack and simply rebuilt its IT infrastructure from backups, ignoring the criminals’ demands to pay them lots of money. As a response the stolen data was published on REvil’s Tor webpage as a cache of 1,280 files, which we understand include documents that appeared to be passports of Elexon staff members and an apparent business insurance application form.

Vulnerability Summary for the Week of May 25, 2020

www.us-cert.gov/ncas/bulletins/sb20-153 The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

This Bot Hunts Software Bugs for the Pentagon

www.wired.com/story/bot-hunts-software-bugs-pentagon/ Mayhem emerged from a 2016 government-sponsored contest at a Las Vegas casino hotel. Now it’s used by the military. Other bugs found by Mayhem include one discovered earlier this year in the OpenWRT software used in millions of networking devices.

Office 365 to give detailed info on malicious email attachments

www.bleepingcomputer.com/news/security/office-365-to-give-detailed-info-on-malicious-email-attachments/ Microsoft will provide Office 365 Advanced Threat Protection (ATP) users with more details on malware samples and malicious URLs discovered following detonation. “We’re working to reveal more of the details that led to a malicious verdict when URLs or files are detonated in Office 365 ATP,” the new feature’s Microsoft 365 roadmap entry reads.

Here are the new security features in Windows 10 2004

www.bleepingcomputer.com/news/microsoft/here-are-the-new-security-features-in-windows-10-2004/ Windows 10’s May 2020 Update is rolling out to seekers, and it comes with new security features that offer better malware protection, easier logins, and stronger encryption for your wireless connections.
