Daily NCSC-FI news followup 2020-06-08

German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign

securityintelligence.com/posts/german-task-force-for-covid-19-medical-equipment-targeted-in-ongoing-phishing-campaign/ During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign targeting a German multinational corporation (MNC), associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutzausrüstung). . see also

threatpost.com/phishing-attack-german-coronavirus-task-force/156377/

Uusi Office-hyökkäys iskee etätyöläisiin varo tätä viestiä

www.is.fi/digitoday/tietoturva/art-2000006534245.html Ihmisiltä kalastellaan käyttäjätunnuksia muka muuttuneiden vpn-asetusten varjolla.

SMBGhost RCE Exploit Threatens Corporate Networks

threatpost.com/smbghost-rce-exploit-corporate-networks/156391/ The release of a PoC for the Windows flaw known as SMBGhost could set off cyberattack waves, CISA warned.

Honda investigates possible ransomware attack, networks impacted

www.bleepingcomputer.com/news/security/honda-investigates-possible-ransomware-attack-networks-impacted/ Computer networks in Europe and Japan from giant car manufacturer giant Honda have been affected by issues that are reported related to a SNAKE Ransomware cyber attack.

Any Indian DigiLocker Account Could’ve Been Accessed Without Password

thehackernews.com/2020/06/aadhar-digilocker-hacked.html The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially let a remote attacker bypass mobile one-time passwords (OTP) and sign in as other users.

Can Governments Defeat Nation-State Attacks on Critical Infrastructures?

threatpost.com/can-governments-defeat-nation-state-attacks-on-critical-infrastructures/156338/ The one cyber risk that governments are much better at controlling than we are is insider threats. Governments have been dealing with people threats for centuries and have powerful tools at their disposal for such investigations.

Suomen uusien 5g-taajuuksien huutokauppa oli ennätyksellisen lyhyt tässä voittajat

www.is.fi/digitoday/mobiili/art-2000006534121.html Suomen suurimmat operaattorit saivat myös 5g-verkon ylätaajuudet.. see also

www.tivi.fi/uutiset/tv/940d15c5-8eac-4032-be56-897995864fa2

Facebook sues company for registering impostor domains

www.bleepingcomputer.com/news/security/facebook-sues-company-for-registering-impostor-domains/ Facebook filed a lawsuit today against 12 domain names registered by Compsys Domain Solutions Private Ltd, an Indian provider of proxy/privacy services, domains that impersonate Facebook apps and were allegedly used for malicious purposes.

You might be interested in …

Daily NCSC-FI news followup 2020-10-27

Uusi työkalu johdolle kyberuhkien hallintaan www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/uusi-tyokalu-johdolle-kyberuhkien-hallintaan Liikenne- ja viestintävirasto Traficomin Kyberturvallisuuskeskuksen kehittämä Kybermittari auttaa yritysjohtoa saamaan kyberriskit kattavammin hallintaan ja turvaamaan liiketoiminnan jatkuvuuden. DN: Suuri tietomurto ruotsalaiseen turvallisuusalan yritykseen, verkkoon on vuodettu muun muassa pankki­holvien piirustuksia www.hs.fi/ulkomaat/art-2000006700788.html Ruotsalaiseen, kansainvälisesti toimivaan turvallisuusalan yhtiöön on tehty mittava tietomurto, jossa verkkoon on vuodettu esimerkiksi pankkiholvien piirustuksia ja hälytysjärjestelmien […]

Read More

Daily NCSC-FI news followup 2020-04-16

Linksys asks users to reset passwords after hackers hijacked home routers last month www.zdnet.com/article/linksys-asks-users-to-reset-passwords-after-hackers-hijacked-home-routers-last-month/ Linksys locks Smart WiFi cloud accounts and asks users to reset passwords after hackers hijacked routers to redirect traffic to malware sites. Continued Threat Actor Exploitation Post Pulse Secure VPN Patching www.us-cert.gov/ncas/alerts/aa20-107a This Alert provides an update to Cybersecurity and Infrastructure […]

Read More

Daily NCSC-FI news followup 2019-09-04

Satori IoT Botnet Operator Pleads Guilty krebsonsecurity.com/2019/09/satori-iot-botnet-operator-pleads-guilty/ A 21-year-old man from Vancouver, Wash. has pleaded guilty to federal hacking charges tied to his role in operating the Satori botnet, a crime machine powered by hacked Internet of Things (IoT) devices that was built to conduct massive denial-of-service attacks targeting Internet service providers, online gaming platforms […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.