Daily NCSC-FI news followup 2020-06-21

Ransomware operators lurk on your network after their attack

www.bleepingcomputer.com/news/security/ransomware-operators-lurk-on-your-network-after-their-attack/ When a company suffers a ransomware attack, many victims feel that the attackers quickly deploy the ransomware and leave so they won’t get caught. Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control. Instead, ransomware attacks are conducted over time, ranging from a day to even a month, starting with a ransomware operator breaching a network. This breach is through exposed remote desktop services, vulnerabilities in VPN software, or via remote access given by malware such as TrickBot, Dridex, and QakBot.

Hacker Lexicon: What Is a Side Channel Attack?

www.wired.com/story/what-is-side-channel-attack/ Modern cybersecurity depends on machines keeping secrets. But computers, like poker-playing humans, have tells. They flit their eyes when they’ve got a good hand, or raise an eyebrow when they’re bluffingor at least, the digital equivalent. And a hacker who learns to read those unintended signals can extract the secrets they contain, in what’s known as a “side channel attack.”.. Side channel attacks take advantage of patterns in the information exhaust that computers constantly give off: the electric emissions from a computer’s monitor or hard drive, for instance, that emanate slightly differently depending on what information is crossing the screen or being read by the drive’s magnetic head.

Mistä tietää, voiko verkkosivuun luottaa? Tarkista nämä 5 asiaa

www.is.fi/digitoday/tietoturva/art-2000006545823.html Verkkosivun turvallisuus on monen tekijän summa. Valpas käyttäjä ei välttämättä luota edes aitoon sivustoon. Se, että verkossa on huijauksia, ei ole kovinkaan monelle uutinen. Niiden erottaminen aidoista verkkosivuista on kuitenkin aina vain hankalampaa, sillä verkkohuijarit kehittyvät koko ajan. Surffaajan ja verkkoshoppailijan on siis oltava koko ajan varovaisempi. IS Digitoday kokosi ohjeita verkkosivun turvallisuuden varmistamiseksi. Apuna käytettiin Kyberturvallisuuskeskuksen neuvoja.

Hacker arrested for stealing, selling PII of 65K hospital employees

www.bleepingcomputer.com/news/security/hacker-arrested-for-stealing-selling-pii-of-65k-hospital-employees/ 29-year-old Michigan man Justin Sean Johnson was arrested earlier this week for allegedly being behind the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC), stealing the PII and W-2 information of over 65,000 employees, and selling it on the dark web. Pittsburgh-based UPMC is Pennsylvanias largest healthcare provider with over 90,000 employees, integrating 40 hospitals and 700 doctors offices and outpatient sites.

SC Handler Series: [email protected] – Maldocs: a bit of blue, a bit of red

isc.sans.edu/forums/diary/ISC+Handler+Series+SANSMIC+Maldocs+a+bit+of+blue+a+bit+of+red/26262/ This week, I presented at SANSFIRE: [email protected] – Maldocs: a bit of blue, a bit of red. The recording of my presentation is now up on YouTube.

You might be interested in …

Daily NCSC-FI news followup 2021-04-13

Microsoft April 2021 Patch Tuesday fixes 108 flaws, 5 zero-days www.bleepingcomputer.com/news/microsoft/microsoft-april-2021-patch-tuesday-fixes-108-flaws-5-zero-days/ Today is Microsoft’s April 2021 Patch Tuesday, and with it comes five zero-day vulnerabilities and more Critical Microsoft Exchange vulnerabilities. It has been a tough couple of months for Windows and Microsoft Exchange admins, and it looks like April won’t be any easier, so […]

Read More

Daily NCSC-FI news followup 2020-09-01

Norjan parlamenttiin on tehty laajamittainen kyberhyökkäys yle.fi/uutiset/3-11522222 Joidenkin kansanedustajien ja Suurkäräjien työntekijöiden sähköposteihin on murtauduttu. Otamme asian erittäin vakavasti ja analysoimme tilannetta saadaksemme kuvan tapauksesta ja haittojen laajuudesta, Suurkäräjien hallinnon johtaja Marianne Andreassen sanoo. myös: www.stortinget.no/no/Hva-skjer-pa-Stortinget/Nyhetsarkiv/Pressemeldingsarkiv/2019-2020/it-angrep-mot-stortinget/. also: www.zdnet.com/article/norwegian-parliament-discloses-cyber-attack-on-internal-email-system/ Cisco says it will issue patch as soon as possible’ for bugs hackers are trying to exploit […]

Read More

Daily NCSC-FI news followup 2020-11-27

Digitally Signed Bandook Malware Once Again Targets Multiple Sectors thehackernews.com/2020/11/digitally-signed-bandook-malware-once.html A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.