Daily NCSC-FI news followup 2020-06-08

German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign

securityintelligence.com/posts/german-task-force-for-covid-19-medical-equipment-targeted-in-ongoing-phishing-campaign/ During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign targeting a German multinational corporation (MNC), associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutzausrüstung). See also:

threatpost.com/phishing-attack-german-coronavirus-task-force/156377/

New Office attack hits remote workers: watch out for this message

www.is.fi/digitoday/tietoturva/art-2000006534245.html Credentials are being phished from people under the pretext of supposedly changed VPN settings.

SMBGhost RCE Exploit Threatens Corporate Networks

threatpost.com/smbghost-rce-exploit-corporate-networks/156391/ The release of a PoC for the Windows flaw known as SMBGhost could set off cyberattack waves, CISA warned.

Honda investigates possible ransomware attack, networks impacted

www.bleepingcomputer.com/news/security/honda-investigates-possible-ransomware-attack-networks-impacted/ Computer networks in Europe and Japan of car manufacturing giant Honda have been affected by issues that are reportedly related to a SNAKE ransomware cyber attack.

Any Indian DigiLocker Account Could’ve Been Accessed Without Password

thehackernews.com/2020/06/aadhar-digilocker-hacked.html The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially let a remote attacker bypass mobile one-time passwords (OTP) and sign in as other users.

Can Governments Defeat Nation-State Attacks on Critical Infrastructures?

threatpost.com/can-governments-defeat-nation-state-attacks-on-critical-infrastructures/156338/ The one cyber risk that governments are much better at controlling than we are is insider threats. Governments have been dealing with people threats for centuries and have powerful tools at their disposal for such investigations.

The auction of Finland's new 5G frequencies was record-short: here are the winners

www.is.fi/digitoday/mobiili/art-2000006534121.html Finland's largest operators also got the upper frequencies of the 5G network. See also:

www.tivi.fi/uutiset/tv/940d15c5-8eac-4032-be56-897995864fa2

Facebook sues company for registering impostor domains

www.bleepingcomputer.com/news/security/facebook-sues-company-for-registering-impostor-domains/ Facebook filed a lawsuit today against 12 domain names registered by Compsys Domain Solutions Private Ltd, an Indian provider of proxy/privacy services, domains that impersonate Facebook apps and were allegedly used for malicious purposes.
