Daily NCSC-FI news followup 2020-07-16

Britannia, USA ja Kanada epäilevät Venäjää koronarokotetutkijoiden vakoilusta

yle.fi/uutiset/3-11451847 Maiden mukaan hakkeriryhmä APT29 eli Cozy Bear on hyökännyt rokotetutkimuksessa mukana olevia tutkimusryhmiä vastaan, niin akateemisia kuin lääketeollisuudenkin. Katso myös:

www.ncsc.gov.uk/news/uk-and-allies-expose-russian-attacks-on-coronavirus-vaccine-development ja


Useita poliitikkojen ja julkisuuden henkilöiden Twitter-tilejä kaapattiin – Bitcoin-valuuttaa onnistuttiin huijaamaan yli 100 000 euron arvosta

yle.fi/uutiset/3-11450130 Viestejä lähetettiin muun muassa Yhdysvaltojen entisen presidentin Barack Obaman, demokraattien tulevan presidenttiehdokkaan Joe Bidenin, Microsoftin perustajan Bill Gatesin, Teslan toimitusjohtajan Elon Muskin, artisti Kanye Westin ja Applen tileiltä. Lue myös:


Check Point ja Zoom korjasivat yhdessä etäkokouspalvelun tietoturvaongelman

www.epressi.com/tiedotteet/tietotekniikka/check-point-ja-zoom-korjasivat-yhdessa-etakokouspalvelun-tietoturvaongelman.html Tietoturvayhtiö Check Point ja etäkokouksista tuttu Zoom havaitsivat palvelun muokattavissa URL-osoitteissa vian, joka olisi mahdollistanut kokouskutsujen linkkien manipuloinnin ja käyttämisen tietojen kalasteluun.

PoC exploits released for SAP Recon vulnerabilities, patch now!

www.bleepingcomputer.com/news/security/poc-exploits-released-for-sap-recon-vulnerabilities-patch-now/ Just two days after SAP released patches for a critical NetWeaver AS JAVA remote code execution vulnerability, proof-of-concept (PoC) exploits have been released, and active scans are underway to exploit devices. Katso myös:


French telecomms company Orange confirms ransomware attack exposing business customers’ data

www.bleepingcomputer.com/news/security/orange-confirms-ransomware-attack-exposing-business-customers-data/ With 266 million customers and 148, 000 employees, Orange is the fourth-largest mobile operator in Europe. On July 15th, 2020, the ransomware operators behind the Nefilim Ransomware added Orange to their data leak site and stated that they breached the company through their “Orange Business Solutions” division. Orange confirmed to BleepingComputer that they suffered a ransomware attack targeting their Orange Business Services division on the night of Saturday, July 4th, 2020, into July 5th.

How To Develop Playbooks For Cybersecurity

www.forbes.com/sites/elenakvochko/2020/07/13/how-to-develop-playbooks-for-cybersecurity/#4f7844bd6093 Cybersecurity can be a daunting concept even for those involved in the technology world. A virtual, rather than physical, threat is harder to grasp and seems almost impossible to tackle. However, understanding the crime and the criminal can give you a chance to be better prepared for a cyber attack.

DMARC Adoption Spikes, Higher Ed Remains Behind

threatpost.com/dmarc-adoption-spikes-higher-ed-remains-behind/157413/ Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years – a 2.5 times greater total than in 2018. Valimail found that while DMARC is widely supported, with 80 percent of all inboxes worldwide doing DMARC checks and enforcing domain owners’ policies on inbound messages only 13.9 percent of all DMARC records are configured with enforcement policies that reject or quarantine non-authenticating email.

You might be interested in …

Daily NCSC-FI news followup 2019-10-04

COMpfun successor Reductor infects files on the fly to compromise TLS traffic securelist.com/compfun-successor-reductor/93633/ In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. Analysis of the malware allowed us to confirm that the operators have some control over the targets network channel and could replace legitimate installers with infected […]

Read More

Daily NCSC-FI news followup 2020-07-10

Mitigating a 754 Million PPS DDoS Attack Automatically blog.cloudflare.com/mitigating-a-754-million-pps-ddos-attack-automatically/ On June 21, Cloudflare automatically mitigated a highly volumetric DDoS attack that peaked at 754 million packets per second. This DDoS campaign, the attack peaked at a mere 250 Gbps so it does not seem as the attacker intended to saturate our Internet links, perhaps because […]

Read More

Daily NCSC-FI news followup 2019-07-09

Serious Zoom security flaw could let websites hijack Mac cameras www.theverge.com/2019/7/8/20687014/zoom-security-flaw-video-conference-websites-hijack-mac-cameras Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website can open up a video-enabled call on a Mac with the Zoom app installed. Exclusive: The true origins […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.