Daily NCSC-FI news followup 2020-06-21

Ransomware operators lurk on your network after their attack

www.bleepingcomputer.com/news/security/ransomware-operators-lurk-on-your-network-after-their-attack/ When a company suffers a ransomware attack, many victims feel that the attackers quickly deploy the ransomware and leave so they won’t get caught. Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control. Instead, ransomware attacks are conducted over time, ranging from a day to even a month, starting with a ransomware operator breaching a network. This breach is through exposed remote desktop services, vulnerabilities in VPN software, or via remote access given by malware such as TrickBot, Dridex, and QakBot.

Hacker Lexicon: What Is a Side Channel Attack?

www.wired.com/story/what-is-side-channel-attack/ Modern cybersecurity depends on machines keeping secrets. But computers, like poker-playing humans, have tells. They flit their eyes when they’ve got a good hand, or raise an eyebrow when they’re bluffingor at least, the digital equivalent. And a hacker who learns to read those unintended signals can extract the secrets they contain, in what’s known as a “side channel attack.”.. Side channel attacks take advantage of patterns in the information exhaust that computers constantly give off: the electric emissions from a computer’s monitor or hard drive, for instance, that emanate slightly differently depending on what information is crossing the screen or being read by the drive’s magnetic head.

Mistä tietää, voiko verkkosivuun luottaa? Tarkista nämä 5 asiaa

www.is.fi/digitoday/tietoturva/art-2000006545823.html Verkkosivun turvallisuus on monen tekijän summa. Valpas käyttäjä ei välttämättä luota edes aitoon sivustoon. Se, että verkossa on huijauksia, ei ole kovinkaan monelle uutinen. Niiden erottaminen aidoista verkkosivuista on kuitenkin aina vain hankalampaa, sillä verkkohuijarit kehittyvät koko ajan. Surffaajan ja verkkoshoppailijan on siis oltava koko ajan varovaisempi. IS Digitoday kokosi ohjeita verkkosivun turvallisuuden varmistamiseksi. Apuna käytettiin Kyberturvallisuuskeskuksen neuvoja.

Hacker arrested for stealing, selling PII of 65K hospital employees

www.bleepingcomputer.com/news/security/hacker-arrested-for-stealing-selling-pii-of-65k-hospital-employees/ 29-year-old Michigan man Justin Sean Johnson was arrested earlier this week for allegedly being behind the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC), stealing the PII and W-2 information of over 65,000 employees, and selling it on the dark web. Pittsburgh-based UPMC is Pennsylvanias largest healthcare provider with over 90,000 employees, integrating 40 hospitals and 700 doctors offices and outpatient sites.

SC Handler Series: [email protected] – Maldocs: a bit of blue, a bit of red

isc.sans.edu/forums/diary/ISC+Handler+Series+SANSMIC+Maldocs+a+bit+of+blue+a+bit+of+red/26262/ This week, I presented at SANSFIRE: [email protected] – Maldocs: a bit of blue, a bit of red. The recording of my presentation is now up on YouTube.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.