Daily NCSC-FI news followup 2020-06-08

German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign

securityintelligence.com/posts/german-task-force-for-covid-19-medical-equipment-targeted-in-ongoing-phishing-campaign/ During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign targeting a German multinational corporation (MNC), associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutzausrüstung). . see also

threatpost.com/phishing-attack-german-coronavirus-task-force/156377/

Uusi Office-hyökkäys iskee etätyöläisiin varo tätä viestiä

www.is.fi/digitoday/tietoturva/art-2000006534245.html Ihmisiltä kalastellaan käyttäjätunnuksia muka muuttuneiden vpn-asetusten varjolla.

SMBGhost RCE Exploit Threatens Corporate Networks

threatpost.com/smbghost-rce-exploit-corporate-networks/156391/ The release of a PoC for the Windows flaw known as SMBGhost could set off cyberattack waves, CISA warned.

Honda investigates possible ransomware attack, networks impacted

www.bleepingcomputer.com/news/security/honda-investigates-possible-ransomware-attack-networks-impacted/ Computer networks in Europe and Japan from giant car manufacturer giant Honda have been affected by issues that are reported related to a SNAKE Ransomware cyber attack.

Any Indian DigiLocker Account Could’ve Been Accessed Without Password

thehackernews.com/2020/06/aadhar-digilocker-hacked.html The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially let a remote attacker bypass mobile one-time passwords (OTP) and sign in as other users.

Can Governments Defeat Nation-State Attacks on Critical Infrastructures?

threatpost.com/can-governments-defeat-nation-state-attacks-on-critical-infrastructures/156338/ The one cyber risk that governments are much better at controlling than we are is insider threats. Governments have been dealing with people threats for centuries and have powerful tools at their disposal for such investigations.

Suomen uusien 5g-taajuuksien huutokauppa oli ennätyksellisen lyhyt tässä voittajat

www.is.fi/digitoday/mobiili/art-2000006534121.html Suomen suurimmat operaattorit saivat myös 5g-verkon ylätaajuudet.. see also

www.tivi.fi/uutiset/tv/940d15c5-8eac-4032-be56-897995864fa2

Facebook sues company for registering impostor domains

www.bleepingcomputer.com/news/security/facebook-sues-company-for-registering-impostor-domains/ Facebook filed a lawsuit today against 12 domain names registered by Compsys Domain Solutions Private Ltd, an Indian provider of proxy/privacy services, domains that impersonate Facebook apps and were allegedly used for malicious purposes.

You might be interested in …

Daily NCSC-FI news followup 2020-09-13

BLINDSIDE – A Speculative Execution Attack www.vusec.net/projects/blindside/ BlindSide allows attackers to hack blind in the Spectre era. That is, given a simple buffer overflow in the kernel and no additional info leak vulnerability, BlindSide can mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory […]

Read More

Daily NCSC-FI news followup 2021-01-08

Sealed U.S. Court Records Exposed in SolarWinds Breach krebsonsecurity.com/2021/01/sealed-u-s-court-records-exposed-in-solarwinds-breach/ The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) […]

Read More

Daily NCSC-FI news followup 2020-12-31

Adobe Flash Player is officially dead tomorrow www.bleepingcomputer.com/news/security/adobe-flash-player-is-officially-dead-tomorrow/ Flash Player will reach its end of life (EOL) on January 1, 2021, after always being a security risk to those who have used it over the years. Lisäksi www.bleepingcomputer.com/news/software/adobe-now-shows-alerts-in-windows-10-to-uninstall-flash-player/ What’s Next for Ransomware in 2021? threatpost.com/ransomware-getting-ahead-inevitable-attack/162655/ Ransomware response demands a whole-of-business plan before the next attack, […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.