Daily NCSC-FI news followup 2020-06-21

Ransomware operators lurk on your network after their attack

www.bleepingcomputer.com/news/security/ransomware-operators-lurk-on-your-network-after-their-attack/ When a company suffers a ransomware attack, many victims feel that the attackers quickly deploy the ransomware and leave so they won’t get caught. Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control. Instead, ransomware attacks are conducted over time, ranging from a day to even a month, starting with a ransomware operator breaching a network. This breach is through exposed remote desktop services, vulnerabilities in VPN software, or via remote access given by malware such as TrickBot, Dridex, and QakBot.

Hacker Lexicon: What Is a Side Channel Attack?

www.wired.com/story/what-is-side-channel-attack/ Modern cybersecurity depends on machines keeping secrets. But computers, like poker-playing humans, have tells. They flit their eyes when they’ve got a good hand, or raise an eyebrow when they’re bluffing, or at least, the digital equivalent. And a hacker who learns to read those unintended signals can extract the secrets they contain, in what’s known as a “side channel attack.” Side channel attacks take advantage of patterns in the information exhaust that computers constantly give off: the electric emissions from a computer’s monitor or hard drive, for instance, that emanate slightly differently depending on what information is crossing the screen or being read by the drive’s magnetic head.

How do you know whether a website can be trusted? Check these 5 things

www.is.fi/digitoday/tietoturva/art-2000006545823.html A website's security is the sum of many factors. A vigilant user does not necessarily trust even a genuine site. That there are scams online is news to hardly anyone. Telling them apart from genuine websites, however, keeps getting harder, because online scammers are evolving all the time. Surfers and online shoppers therefore have to be ever more careful. IS Digitoday compiled instructions for verifying a website's security. Advice from the National Cyber Security Centre (Kyberturvallisuuskeskus) was used as an aid.

Hacker arrested for stealing, selling PII of 65K hospital employees

www.bleepingcomputer.com/news/security/hacker-arrested-for-stealing-selling-pii-of-65k-hospital-employees/ 29-year-old Michigan man Justin Sean Johnson was arrested earlier this week for allegedly being behind the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC), stealing the PII and W-2 information of over 65,000 employees, and selling it on the dark web. Pittsburgh-based UPMC is Pennsylvania's largest healthcare provider with over 90,000 employees, integrating 40 hospitals and 700 doctors' offices and outpatient sites.

ISC Handler Series: SANS@MIC – Maldocs: a bit of blue, a bit of red

isc.sans.edu/forums/diary/ISC+Handler+Series+SANSMIC+Maldocs+a+bit+of+blue+a+bit+of+red/26262/ This week, I presented at SANSFIRE: SANS@MIC – Maldocs: a bit of blue, a bit of red. The recording of my presentation is now up on YouTube.
