Daily NCSC-FI news followup 2020-06-11

Hackers breached A1 Telekom, Austria’s largest ISP

www.zdnet.com/article/hackers-breached-a1-telekom-austrias-largest-isp/ A1 needed more than six months to kick the hackers off its network. Whistleblower claims the intruders were Chinese hackers.

Snake Ransomware Delivers Double-Strike on Honda, Energy Co.

threatpost.com/snake-ransomware-honda-energy/156462/ The ICS/SCADA-focused malware is likely behind a duo of attacks this week, on Honda and a South American energy company, researchers said.

Gamaredon hackers use Outlook macros to spread malware to contacts

www.bleepingcomputer.com/news/security/gamaredon-hackers-use-outlook-macros-to-spread-malware-to-contacts/ New tools attributed to the Russia-linked Gamaredon hacker group include a module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. See also:

www.welivesecurity.com/2020/06/11/gamaredon-group-grows-its-game/

Finland ranks second in making use of digitalisation; in cyber security it is falling behind its neighbours

www.kauppalehti.fi/uutiset/suomelle-kakkossija-digitaalisuuden-hyodyntamisessa-kyberturvallisuudessa-ollaan-jaamassa-naapureista-jalkeen/50ae895f-db0a-48f0-be21-9b4e934d0388 Finland is in the top three of the comparison for the seventh year.

Fake Black Lives Matter voting campaign spreads Trickbot malware

www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/ A phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot information-stealing malware.

VR's ticket shop displayed a dangerous prompt: wasn't this supposed to have stopped happening?

www.is.fi/digitoday/tietoturva/art-2000006536510.html VR's old ticket shop asked users to install the Flash software, which is known to be dangerous. VR urges customers to use its new online store.

IBM Cloud global outage caused by “incorrect” BGP routing

www.bleepingcomputer.com/news/technology/ibm-cloud-global-outage-caused-by-incorrect-bgp-routing/ On June 9th, 2020, IBM Cloud data centers suffered a global outage that caused connectivity issues for many of the web sites and platforms utilizing the service, including BleepingComputer.

Ransomware: Hackers took just three days to find this fake industrial network and fill it with malware

www.zdnet.com/article/ransomware-hackers-took-just-three-days-to-find-this-fake-industrial-network-and-fill-it-with-malware/ Industrial control networks are coming under attack from a range of ransomware attacks, security researchers have warned, after an experiment revealed the speed at which hackers are uncovering vulnerabilities in critical infrastructure.

Search hijackers change Chrome policy to remote administration

blog.malwarebytes.com/threat-spotlight/2020/06/search-hijackers-change-chrome-policy-to-remote-administration/ The latest type of installer in the saga of search hijacking changes a Chrome policy which tells users it can’t be removed because the browser is managed from the outside.

Expiring SSL certs expected to break smart TVs, fridges, and IoTs

www.bleepingcomputer.com/news/security/expiring-ssl-certs-expected-to-break-smart-tvs-fridges-and-iots/ On May 30th, select Roku streaming channels stopped working, leaving impacted customers clueless with no idea what was wrong. The same day payment platforms Stripe and Spreedly experienced disruptions and blamed it on expiring Certificate Authority (CA) root certificates. We always knew SSL certificates came with an expiration date, but we didn’t plan for the fact it’d be happening this year!

Protecting IoT devices and OT Networks from a Cyber Pandemic

blog.checkpoint.com/2020/06/11/protecting-iot-devices-and-ot-networks-from-a-cyber-pandemic/

Researchers say online voting tech used in 5 states is fatally flawed

arstechnica.com/tech-policy/2020/06/researchers-say-online-voting-tech-used-in-5-states-is-fatally-flawed/ Elections in five states have used or plan to use OmniBallot’s online voting tech.
