Daily NCSC-FI news followup 2020-06-21

Ransomware operators lurk on your network after their attack

www.bleepingcomputer.com/news/security/ransomware-operators-lurk-on-your-network-after-their-attack/ When a company suffers a ransomware attack, many victims feel that the attackers quickly deploy the ransomware and leave so they won’t get caught. Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control. Instead, ransomware attacks are conducted over time, ranging from a day to even a month, starting with a ransomware operator breaching a network. This breach is through exposed remote desktop services, vulnerabilities in VPN software, or via remote access given by malware such as TrickBot, Dridex, and QakBot.

Hacker Lexicon: What Is a Side Channel Attack?

www.wired.com/story/what-is-side-channel-attack/ Modern cybersecurity depends on machines keeping secrets. But computers, like poker-playing humans, have tells. They flit their eyes when they’ve got a good hand, or raise an eyebrow when they’re bluffingor at least, the digital equivalent. And a hacker who learns to read those unintended signals can extract the secrets they contain, in what’s known as a “side channel attack.”.. Side channel attacks take advantage of patterns in the information exhaust that computers constantly give off: the electric emissions from a computer’s monitor or hard drive, for instance, that emanate slightly differently depending on what information is crossing the screen or being read by the drive’s magnetic head.

Mistä tietää, voiko verkkosivuun luottaa? Tarkista nämä 5 asiaa

www.is.fi/digitoday/tietoturva/art-2000006545823.html Verkkosivun turvallisuus on monen tekijän summa. Valpas käyttäjä ei välttämättä luota edes aitoon sivustoon. Se, että verkossa on huijauksia, ei ole kovinkaan monelle uutinen. Niiden erottaminen aidoista verkkosivuista on kuitenkin aina vain hankalampaa, sillä verkkohuijarit kehittyvät koko ajan. Surffaajan ja verkkoshoppailijan on siis oltava koko ajan varovaisempi. IS Digitoday kokosi ohjeita verkkosivun turvallisuuden varmistamiseksi. Apuna käytettiin Kyberturvallisuuskeskuksen neuvoja.

Hacker arrested for stealing, selling PII of 65K hospital employees

www.bleepingcomputer.com/news/security/hacker-arrested-for-stealing-selling-pii-of-65k-hospital-employees/ 29-year-old Michigan man Justin Sean Johnson was arrested earlier this week for allegedly being behind the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC), stealing the PII and W-2 information of over 65,000 employees, and selling it on the dark web. Pittsburgh-based UPMC is Pennsylvanias largest healthcare provider with over 90,000 employees, integrating 40 hospitals and 700 doctors offices and outpatient sites.

SC Handler Series: [email protected] – Maldocs: a bit of blue, a bit of red

isc.sans.edu/forums/diary/ISC+Handler+Series+SANSMIC+Maldocs+a+bit+of+blue+a+bit+of+red/26262/ This week, I presented at SANSFIRE: [email protected] – Maldocs: a bit of blue, a bit of red. The recording of my presentation is now up on YouTube.

You might be interested in …

Daily NCSC-FI news followup 2021-07-08

Microsoft: PrintNightmare now patched on all Windows versions www.bleepingcomputer.com/news/security/microsoft-printnightmare-now-patched-on-all-windows-versions/ Microsoft has released the KB5004948 emergency security update to address the Windows Print Spooler PrintNightmare vulnerability on all editions of Windows 10 1607 and Windows Server 2016. Lisäksi: docs.microsoft.com/en-us/windows/release-health/windows-message-center. Lisäksi: www.bleepingcomputer.com/news/microsoft/how-to-mitigate-print-spooler-vulnerability-on-windows-10/ Microsoft’s emergency patch fails to fix critical “PrintNightmare” vulnerability arstechnica.com/gadgets/2021/07/microsofts-emergency-patch-fails-to-fix-critical-printnightmare-vulnerability/ Despite Tuesday’s out-of-band patch being […]

Read More

Daily NCSC-FI news followup 2020-11-21

Leaky Buddies: Cross-Component Covert Channels on Integrated CPU-GPU Systems arxiv.org/pdf/2011.09642.pdf Integrated GPUs share some resources with the CPU and as a result, there is a potential for microarchitectural attacks from the GPU to the CPU or vice versa. We believe this type of attack, crossing the component boundary (GPU to CPU or vice versa) is […]

Read More

Daily NCSC-FI news followup 2019-10-07

Mikko Hyppönen: Unohda nämä kaksi turvasääntöä www.is.fi/digitoday/tietoturva/art-2000006262088.html F-Securen tietoturvajohtaja Mikko Hyppönen haluaa kumota yleisen uskomuksen siitä, että kalastelun tai nettihuijauksen uhriksi joutuneet ihmiset olisivat tyhmiä tai tapahtunut olisi heidän omaa vikaansa.. Hyppösen mukaan verkkokonnien keksimät uudet keinot ovat tehneet kahdesta klassisesta turvallisen verkkosivuston tunnusmerkistä vanhentuneita. Nämä ovat osoiterivillä oleva lukon kuva sekä osoiterivillä näkyvä turvallisena […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.