Daily NCSC-FI news followup 2020-07-16

Britannia, USA ja Kanada epäilevät Venäjää koronarokotetutkijoiden vakoilusta

yle.fi/uutiset/3-11451847 Maiden mukaan hakkeriryhmä APT29 eli Cozy Bear on hyökännyt rokotetutkimuksessa mukana olevia tutkimusryhmiä vastaan, niin akateemisia kuin lääketeollisuudenkin. Katso myös:

www.ncsc.gov.uk/news/uk-and-allies-expose-russian-attacks-on-coronavirus-vaccine-development ja


Useita poliitikkojen ja julkisuuden henkilöiden Twitter-tilejä kaapattiin – Bitcoin-valuuttaa onnistuttiin huijaamaan yli 100 000 euron arvosta

yle.fi/uutiset/3-11450130 Viestejä lähetettiin muun muassa Yhdysvaltojen entisen presidentin Barack Obaman, demokraattien tulevan presidenttiehdokkaan Joe Bidenin, Microsoftin perustajan Bill Gatesin, Teslan toimitusjohtajan Elon Muskin, artisti Kanye Westin ja Applen tileiltä. Lue myös:


Check Point ja Zoom korjasivat yhdessä etäkokouspalvelun tietoturvaongelman

www.epressi.com/tiedotteet/tietotekniikka/check-point-ja-zoom-korjasivat-yhdessa-etakokouspalvelun-tietoturvaongelman.html Tietoturvayhtiö Check Point ja etäkokouksista tuttu Zoom havaitsivat palvelun muokattavissa URL-osoitteissa vian, joka olisi mahdollistanut kokouskutsujen linkkien manipuloinnin ja käyttämisen tietojen kalasteluun.

PoC exploits released for SAP Recon vulnerabilities, patch now!

www.bleepingcomputer.com/news/security/poc-exploits-released-for-sap-recon-vulnerabilities-patch-now/ Just two days after SAP released patches for a critical NetWeaver AS JAVA remote code execution vulnerability, proof-of-concept (PoC) exploits have been released, and active scans are underway to exploit devices. Katso myös:


French telecomms company Orange confirms ransomware attack exposing business customers’ data

www.bleepingcomputer.com/news/security/orange-confirms-ransomware-attack-exposing-business-customers-data/ With 266 million customers and 148, 000 employees, Orange is the fourth-largest mobile operator in Europe. On July 15th, 2020, the ransomware operators behind the Nefilim Ransomware added Orange to their data leak site and stated that they breached the company through their “Orange Business Solutions” division. Orange confirmed to BleepingComputer that they suffered a ransomware attack targeting their Orange Business Services division on the night of Saturday, July 4th, 2020, into July 5th.

How To Develop Playbooks For Cybersecurity

www.forbes.com/sites/elenakvochko/2020/07/13/how-to-develop-playbooks-for-cybersecurity/#4f7844bd6093 Cybersecurity can be a daunting concept even for those involved in the technology world. A virtual, rather than physical, threat is harder to grasp and seems almost impossible to tackle. However, understanding the crime and the criminal can give you a chance to be better prepared for a cyber attack.

DMARC Adoption Spikes, Higher Ed Remains Behind

threatpost.com/dmarc-adoption-spikes-higher-ed-remains-behind/157413/ Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years – a 2.5 times greater total than in 2018. Valimail found that while DMARC is widely supported, with 80 percent of all inboxes worldwide doing DMARC checks and enforcing domain owners’ policies on inbound messages only 13.9 percent of all DMARC records are configured with enforcement policies that reject or quarantine non-authenticating email.

You might be interested in …

Daily NCSC-FI news followup 2020-11-27

Digitally Signed Bandook Malware Once Again Targets Multiple Sectors thehackernews.com/2020/11/digitally-signed-bandook-malware-once.html A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark […]

Read More

Daily NCSC-FI news followup 2019-12-25

Toistasataa kiinalaista pidätettiin Nepalissa epäiltynä kyberhuijauksesta yle.fi/uutiset/3-11134577 Ratsiassa takavarikoitiin yli 700 puhelinta ja 400 tietokonetta. Staying Cyber-Safe This Holiday Season www.fortinet.com/blog/industry-trends/staying-cyber-safe-this-holiday-season.html Look-alike websites, fake shipping notifications, e-cards, emergency scams, phony charities, free gift cards etc. These are the most common forms of holiday scams. Signs of Phishing: Protecting Yourself During the Holidays www.tripwire.com/state-of-security/featured/signs-of-phishing-protecting-yourself-during-the-holidays/ Some things […]

Read More

Daily NCSC-FI news followup 2020-08-07

The Secret Life of an Initial Access Broker ke-la.com/the-secret-life-of-an-initial-access-broker/ Recently, ZDNet exclusively reported a leak posted on a cybercrime community containing details and credentials of over 900 enterprise Secure Pulse servers exploited by threat actors. Since this leak represents an ever-growing ransomware risk, KELA delved into both the leaks content and the actors who were […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.