Daily NCSC-FI news followup 2020-07-19

WSJ: Yhdysvaltalaistutkijat jäljittivät matkapuhelinten signaaleja lähellä venäläisiä sotilaskohteita

yle.fi/uutiset/3-11455540 Kaupallisesti saatavilla olevaa paikannustietoa käytetään yhä enemmän myös valtiollisessa tiedustelussa. Amerikkalainen tutkijaryhmä Mississippin yliopistosta seurasi viime vuonna matkapuhelinten signaaleja lähellä Venäjän sotilasalueita, Wall Street Journal uutisoi. Lue myös:


iOS 13.6: Apple Just Gave iPhone Users 29 Security Reasons To Update Now

www.forbes.com/sites/kateoflahertyuk/2020/07/19/ios-136-apple-just-gave-iphone-users-29-security-reasons-to-update-now/ Apple’s iOS 13.6 comes with a bunch of cool new features, but it also fixes 29 security vulnerabilities impacting iPhones and iPadssome of which are pretty serious.

Weak Gadget Passwords Could Be Illegal In 2021, Says U.K. Government

www.forbes.com/sites/daveywinder/2020/07/19/weak-gadget-passwords-could-be-illegal-in-2021-says-uk-government-iot-hacking-cybercrime-law/ In his foreword to a newly published policy paper on regulating consumer smart-product cybersecurity, the U.K. Minister for Digital Information, Matt Warman MP, has said that his is an “unashamedly pro-tech government.” Warman stated that the Department for Digital, Culture, Media and Sport has been working with the National Cyber. Security Centre (NCSC) to “urgently address” the problem of poor Internet of Things (IoT) device security. The problem, such as it is, has been a thorn in the side of cybersecurity experts ever since the Internet of Things first became, well, a thing. With billions of devices already out there, and predictions that there could be as many as 41 billion IoT devices by 2025, the scale of the security problem is as vast as it is pressing.

How to Check Your Devices for Stalkerware

www.wired.com/story/how-to-check-for-stalkerware/ You deserve privacy. Here’s how to check your phone, laptop, and online accounts to make sure no one’s looking over your shoulder. Whether it’s a prying boss or a paranoid partner, no one should snoop on your phone or laptop. But that’s exactly what can happen if stalkerware somehow gets installed on your devices. These software tools are designed to be hidden and difficult to detect, but you can find them if you know how. There’s a wide range of scenarios here, from friends playing pranks to partners being abusive. If you’re in a relationship where you feel trapped and afraid, help is available from the National Domestic Violence Hotline, the Coalition Against Stalkerware, and many other placesplease reach out. Dealing with programs planted on company-owned devices by your employer is a little different than someone you know personally trying to spy on you. The company you work for may have what it sees as valid reasons to keep tabs on how productive you are, especially if it provides the hardware and software you use every day.

How to Know If You’ve Been Hackedand What to Do About It

www.wired.com/story/how-to-know-if-youve-been-hacked-and-what-to-do-about-it/ Facebook. Google. Netflix. Sometimes your accounts get compromised, so it’s key to understand the threats. The average person will likely face fewer sophisticated threats than, say, a senior politician, activist or CEO. More high-profile figures may be targeted with phishing emails that are looking to steal secrets from corporate networks or initiate the transfer of large sums of money. You, your friends and your family will likely face different threats: from people you know seeking revenge, or, more likely, crime groups using automated tools to scoop up credentials en masse. Understanding the threats is key. Everyone has their own threat model that includes things that matter most to them what’s important to you may not be equally important to someone else. But there’s a value to everything you do online: from Facebook and Netflix to online banking and shopping. If one of your accounts is compromised, stolen login information or financial details can be used across the web. It’s that sort of scenario that lets people order takeaways through compromised Deliveroo accounts. The clearest sign that you’ve been hacked is when something has changed. You might not be able to access your Google account using your regular username and password or there may have been a suspicious purchases charged to one of your bank accounts. These are fairly obvious indications that you’ve been compromised in some wayand hopefully banks will detect any suspicious payments before things spiral too far.

New phishing campaign abuses a trio of enterprise cloud services

www.bleepingcomputer.com/news/security/new-phishing-campaign-abuses-a-trio-of-enterprise-cloud-services/ A new phishing campaign uses a trio of enterprise cloud services, Microsoft Azure, Microsoft Dynamics, and IBM Cloud, as part of an attempt to steal your login credentials. BleepingComputer recently analyzed a new phishing campaign that pretends to from a help desk named “servicedesk.com” that mimics similar wording used by real IT helpdesk domains in corporate environments. The email imitates a “quarantined mail” notification frequently sent out in workplaces by email security products and spam filters, asking the user to “release” messages stuck in the queue.

Inside the surveillance software tracking child porn offenders across the globe

www.nbcnews.com/tech/internet/inside-surveillance-software-tracking-child-porn-offenders-across-globe-n1234019 The Child Protection System helps police triage child pornography cases. But as the system expands, it’s facing growing privacy concerns.

Here’s why your Samsung Blu-ray player bricked itself: It downloaded an XML config file that broke the firmware

www.theregister.com/2020/07/18/samsung_bluray_mass_dieoff_explained/ Network-connected gear stuck in boot loop needs replacing. Since the middle of last month, thousands of Samsung customers found their older internet-connected Blu-ray players had stopped working. In the days that followed, complaints about devices caught in an endless startup boot loop began to appear on various internet discussion boards, and videos documenting the device failure appeared on YouTube. To fix the issue, Samsung eventually advised customers to return their inoperable video players for repairs. There is no software fix. “We are aware of the boot loop issue that appeared on certain 2015 Samsung Blu-Ray players and are offering free mail-in repairs to customers who have been impacted, ” a representative of the mega-manufacturer said in a Samsung forum post. The problem with the XML file, sent out on June 18, 2020, is that it wasn’t formatted in a way compatible with the device’s code. Though a valid XML file, it contained an empty list element. Read also:


Threat Group Cards: A Threat Actor Encyclopedia

apt.thaicert.or.th Welcome to the portal version of our book “Threat Group Cards: A Threat Actor Encyclopedia”, a free PDF we first published in 2019 and that can be downloaded from our website.. When analyzing security incidents we always face the question which adversary we are possibly dealing with and what we know about their prior engagements and TTP, to get a better understanding of how to approach and what else to look for.

You might be interested in …

Daily NCSC-FI news followup 2020-08-06

Australia’s 2020 Cyber Security Strategy www.pm.gov.au/media/australias-2020-cyber-security-strategy The Morrison Governments 2020 Cyber Security Strategy outlines how we will keep Australian families and businesses secure online, protect and strengthen the security and resilience of Australias critical infrastructure and ensure law enforcement agencies have the powers and technical capabilities to detect, target, investigate and disrupt cybercrime, including on […]

Read More

Daily NCSC-FI news followup 2019-08-08

Porin kaupunki joutunut tietomurron kohteeksi www.pori.fi/uutinen/2019-08-08_porin-kaupunki-joutunut-tietomurron-kohteeksi Keskiviikkona 7. elokuuta iltapäivällä yhdellä Porin kaupungin opetusverkon työasemalla havaittiin tietomurto. Kyseisen työaseman kautta oli saatu asennettua haittaohjelma opetusverkon käyttäjähakemistopalvelimille.. Haittaohjelman tarkoituksena oli datan kerääminen, joka on saattanut vaarantaa käyttäjien kirjautumistietoja. Varotoimenpiteenä kaikkien opetusverkon käyttäjien salasanat vaihdetaan, sanoo ICT-yksikön päällikkö Heikki Haaparanta. . Reagoimme tilanteeseen nopeasti, minkä vuoksi murto […]

Read More

Daily NCSC-FI news followup 2020-07-04

Hackers are trying to steal admin passwords from F5 BIG-IP devices www.zdnet.com/article/hackers-are-trying-to-steal-admin-passwords-from-f5-big-ip-devices/#ftag=RSSbaffb68 In an interview earlier today, [NCC group researcher] Warren told ZDNet the attacks are malicious in nature, and hackers are attempting to steal administrator passwords from the hacked devices. New Behave! extension warns of website port scans, local attacks www.bleepingcomputer.com/news/security/new-behave-extension-warns-of-website-port-scans-local-attacks/ A new browser […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.