Daily NCSC-FI news followup 2020-07-19

WSJ: US researchers tracked mobile phone signals near Russian military sites

yle.fi/uutiset/3-11455540 Commercially available location data is increasingly being used in state intelligence as well. An American research team from the University of Mississippi tracked mobile phone signals near Russian military areas last year, the Wall Street Journal reports.


iOS 13.6: Apple Just Gave iPhone Users 29 Security Reasons To Update Now

www.forbes.com/sites/kateoflahertyuk/2020/07/19/ios-136-apple-just-gave-iphone-users-29-security-reasons-to-update-now/ Apple’s iOS 13.6 comes with a bunch of cool new features, but it also fixes 29 security vulnerabilities impacting iPhones and iPads, some of which are pretty serious.

Weak Gadget Passwords Could Be Illegal In 2021, Says U.K. Government

www.forbes.com/sites/daveywinder/2020/07/19/weak-gadget-passwords-could-be-illegal-in-2021-says-uk-government-iot-hacking-cybercrime-law/ In his foreword to a newly published policy paper on regulating consumer smart-product cybersecurity, the U.K. Minister for Digital Information, Matt Warman MP, has said that his is an “unashamedly pro-tech government.” Warman stated that the Department for Digital, Culture, Media and Sport has been working with the National Cyber Security Centre (NCSC) to “urgently address” the problem of poor Internet of Things (IoT) device security. The problem, such as it is, has been a thorn in the side of cybersecurity experts ever since the Internet of Things first became, well, a thing. With billions of devices already out there, and predictions that there could be as many as 41 billion IoT devices by 2025, the scale of the security problem is as vast as it is pressing.

How to Check Your Devices for Stalkerware

www.wired.com/story/how-to-check-for-stalkerware/ You deserve privacy. Here’s how to check your phone, laptop, and online accounts to make sure no one’s looking over your shoulder. Whether it’s a prying boss or a paranoid partner, no one should snoop on your phone or laptop. But that’s exactly what can happen if stalkerware somehow gets installed on your devices. These software tools are designed to be hidden and difficult to detect, but you can find them if you know how. There’s a wide range of scenarios here, from friends playing pranks to partners being abusive. If you’re in a relationship where you feel trapped and afraid, help is available from the National Domestic Violence Hotline, the Coalition Against Stalkerware, and many other places. Please reach out. Dealing with programs planted on company-owned devices by your employer is a little different than someone you know personally trying to spy on you. The company you work for may have what it sees as valid reasons to keep tabs on how productive you are, especially if it provides the hardware and software you use every day.

How to Know If You’ve Been Hacked and What to Do About It

www.wired.com/story/how-to-know-if-youve-been-hacked-and-what-to-do-about-it/ Facebook. Google. Netflix. Sometimes your accounts get compromised, so it’s key to understand the threats. The average person will likely face fewer sophisticated threats than, say, a senior politician, activist or CEO. More high-profile figures may be targeted with phishing emails that are looking to steal secrets from corporate networks or initiate the transfer of large sums of money. You, your friends and your family will likely face different threats: from people you know seeking revenge, or, more likely, crime groups using automated tools to scoop up credentials en masse. Understanding the threats is key. Everyone has their own threat model that includes things that matter most to them: what’s important to you may not be equally important to someone else. But there’s a value to everything you do online: from Facebook and Netflix to online banking and shopping. If one of your accounts is compromised, stolen login information or financial details can be used across the web. It’s that sort of scenario that lets people order takeaways through compromised Deliveroo accounts. The clearest sign that you’ve been hacked is when something has changed. You might not be able to access your Google account using your regular username and password or there may have been suspicious purchases charged to one of your bank accounts. These are fairly obvious indications that you’ve been compromised in some way, and hopefully banks will detect any suspicious payments before things spiral too far.

New phishing campaign abuses a trio of enterprise cloud services

www.bleepingcomputer.com/news/security/new-phishing-campaign-abuses-a-trio-of-enterprise-cloud-services/ A new phishing campaign uses a trio of enterprise cloud services, Microsoft Azure, Microsoft Dynamics, and IBM Cloud, as part of an attempt to steal your login credentials. BleepingComputer recently analyzed a new phishing campaign that pretends to be from a help desk named “servicedesk.com” that mimics similar wording used by real IT helpdesk domains in corporate environments. The email imitates a “quarantined mail” notification frequently sent out in workplaces by email security products and spam filters, asking the user to “release” messages stuck in the queue.

Inside the surveillance software tracking child porn offenders across the globe

www.nbcnews.com/tech/internet/inside-surveillance-software-tracking-child-porn-offenders-across-globe-n1234019 The Child Protection System helps police triage child pornography cases. But as the system expands, it’s facing growing privacy concerns.

Here’s why your Samsung Blu-ray player bricked itself: It downloaded an XML config file that broke the firmware

www.theregister.com/2020/07/18/samsung_bluray_mass_dieoff_explained/ Network-connected gear stuck in boot loop needs replacing. Since the middle of last month, thousands of Samsung customers found their older internet-connected Blu-ray players had stopped working. In the days that followed, complaints about devices caught in an endless startup boot loop began to appear on various internet discussion boards, and videos documenting the device failure appeared on YouTube. To fix the issue, Samsung eventually advised customers to return their inoperable video players for repairs. There is no software fix. “We are aware of the boot loop issue that appeared on certain 2015 Samsung Blu-Ray players and are offering free mail-in repairs to customers who have been impacted,” a representative of the mega-manufacturer said in a Samsung forum post. The problem with the XML file, sent out on June 18, 2020, is that it wasn’t formatted in a way compatible with the device’s code. Though a valid XML file, it contained an empty list element.


Threat Group Cards: A Threat Actor Encyclopedia

apt.thaicert.or.th Welcome to the portal version of our book “Threat Group Cards: A Threat Actor Encyclopedia”, a free PDF we first published in 2019 and that can be downloaded from our website. When analyzing security incidents we always face the question which adversary we are possibly dealing with and what we know about their prior engagements and TTP, to get a better understanding of how to approach and what else to look for.
