Daily NCSC-FI news followup 2020-07-16

Britannia, USA ja Kanada epäilevät Venäjää koronarokotetutkijoiden vakoilusta

yle.fi/uutiset/3-11451847 Maiden mukaan hakkeriryhmä APT29 eli Cozy Bear on hyökännyt rokotetutkimuksessa mukana olevia tutkimusryhmiä vastaan, niin akateemisia kuin lääketeollisuudenkin. Katso myös:

www.ncsc.gov.uk/news/uk-and-allies-expose-russian-attacks-on-coronavirus-vaccine-development ja

www.ncsc.gov.uk/news/advisory-apt29-targets-covid-19-vaccine-development

Useita poliitikkojen ja julkisuuden henkilöiden Twitter-tilejä kaapattiin – Bitcoin-valuuttaa onnistuttiin huijaamaan yli 100 000 euron arvosta

yle.fi/uutiset/3-11450130 Viestejä lähetettiin muun muassa Yhdysvaltojen entisen presidentin Barack Obaman, demokraattien tulevan presidenttiehdokkaan Joe Bidenin, Microsoftin perustajan Bill Gatesin, Teslan toimitusjohtajan Elon Muskin, artisti Kanye Westin ja Applen tileiltä. Lue myös:

www.savonsanomat.fi/ulkomaat/Useita-tunnettuja-Twitter-tilej%C3%A4-kaapanneilla-rikollisilla-vaikutti-olevan-kiire-muuttaa-p%C3%A4%C3%A4syoikeutensa-rahaksi-%E2%80%93-tietoturva-asiantuntijan-mukaa…

Check Point ja Zoom korjasivat yhdessä etäkokouspalvelun tietoturvaongelman

www.epressi.com/tiedotteet/tietotekniikka/check-point-ja-zoom-korjasivat-yhdessa-etakokouspalvelun-tietoturvaongelman.html Tietoturvayhtiö Check Point ja etäkokouksista tuttu Zoom havaitsivat palvelun muokattavissa URL-osoitteissa vian, joka olisi mahdollistanut kokouskutsujen linkkien manipuloinnin ja käyttämisen tietojen kalasteluun.

PoC exploits released for SAP Recon vulnerabilities, patch now!

www.bleepingcomputer.com/news/security/poc-exploits-released-for-sap-recon-vulnerabilities-patch-now/ Just two days after SAP released patches for a critical NetWeaver AS JAVA remote code execution vulnerability, proof-of-concept (PoC) exploits have been released, and active scans are underway to exploit devices. Katso myös:

www.kyberturvallisuuskeskus.fi/fi/kriittinen-haavoittuvuus-sap-netweaverissa

French telecomms company Orange confirms ransomware attack exposing business customers’ data

www.bleepingcomputer.com/news/security/orange-confirms-ransomware-attack-exposing-business-customers-data/ With 266 million customers and 148, 000 employees, Orange is the fourth-largest mobile operator in Europe. On July 15th, 2020, the ransomware operators behind the Nefilim Ransomware added Orange to their data leak site and stated that they breached the company through their “Orange Business Solutions” division. Orange confirmed to BleepingComputer that they suffered a ransomware attack targeting their Orange Business Services division on the night of Saturday, July 4th, 2020, into July 5th.

How To Develop Playbooks For Cybersecurity

www.forbes.com/sites/elenakvochko/2020/07/13/how-to-develop-playbooks-for-cybersecurity/#4f7844bd6093 Cybersecurity can be a daunting concept even for those involved in the technology world. A virtual, rather than physical, threat is harder to grasp and seems almost impossible to tackle. However, understanding the crime and the criminal can give you a chance to be better prepared for a cyber attack.

DMARC Adoption Spikes, Higher Ed Remains Behind

threatpost.com/dmarc-adoption-spikes-higher-ed-remains-behind/157413/ Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years – a 2.5 times greater total than in 2018. Valimail found that while DMARC is widely supported, with 80 percent of all inboxes worldwide doing DMARC checks and enforcing domain owners’ policies on inbound messages only 13.9 percent of all DMARC records are configured with enforcement policies that reject or quarantine non-authenticating email.

You might be interested in …

Daily NCSC-FI news followup 2021-03-16

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities msrc-blog.microsoft.com/2021/03/16/guidance-for-responders-investigating-and-remediating-on-premises-exchange-server-vulnerabilities/ This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065, which are being exploited. We strongly urge customers to immediately update systems. Failing to address these vulnerabilities can result in compromise […]

Read More

Daily NCSC-FI news followup 2020-01-19

Kohta kaikki tapahtuu pilvessä Amazonin evankelista vertaa pilvipalveluita sähkölaitoksiin yle.fi/uutiset/3-11151242 Pilvipalveluista on lyhyessä ajassa muodostunut perusta, jonka päälle arkemme rakentuu. Sähköpostit, valokuvat ja pikaviestit tallentuvat kaikki palvelinkeskuksiin eri puolille maailmaa.. Suomessa yritykset ovat viime vuosien aikana siirtyneet vauhdilla pilvipalveluiden asiakkaiksi. Elinkeinoelämän keskusliiton EK:n tilastojen mukaan suurista suomalaisyrityksistä 90 prosenttia käyttää maksullisia pilvipalveluita.. Suunta on aivan […]

Read More

Daily NCSC-FI news followup 2019-10-19

Schneier: Why Technologists Need to Get Involved in Public Policy www.schneier.com/blog/archives/2019/10/why_technologis.html US stopped using floppy disks to manage nuclear weapons arsenal www.zdnet.com/article/us-stopped-using-floppy-disks-to-manage-nuclear-weapons-arsenal/ The system was created in 1968 and has been running for nearly 50 years on top of an IBM Series/1 mainframe, using 8-inch floppy disks as its storage medium. US.GOV: Mind Your Own […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.