Daily NCSC-FI news followup 2020-07-24

Garmin outage caused by confirmed WastedLocker ransomware attack

www.bleepingcomputer.com/news/security/garmin-outage-caused-by-confirmed-wastedlocker-ransomware-attack/ Wearable device maker Garmin shut down some of its connected services and call centers on Thursday following what the company called a worldwide outage, now confirmed to be caused by a WastedLocker ransomware attack. Lisäksi

www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/ ja

www.forbes.com/sites/leemathews/2020/07/23/garmins-alleged-ransomware-wastedlocker-evil-corp/ ja thehackernews.com/2020/07/garmin-ransomware-attack.html ja

threatpost.com/garmin-suffers-ransomware-attack/157698/

Poliisi varoittaa Microsoft huijaussoitoista – älä anna pankkitietoja tai henkilötietoja puhelimessa

www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/poliisi_varoittaa_microsoft_huijaussoitoista_-_ala_anna_pankkitietoja_tai_henkilotietoja_puhelimessa_91999?language=fi Poliisi muistuttaa, että pankkitunnustietoja tai henkilötietoja ei pidä koskaan luovuttaa, jos ei ole varma vastaanottajasta. Viranomaiset, rahalaitokset tai muut asialliset tahot eivät koskaan kysy tällaisia tietoja puhelimitse. Lisäksi

www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/poliisi_muistuttaa_edelleen_-_ala_anna_pankkitunnuksiasi_kenellekaan_92000?language=fi – – Poliisi muistuttaa edelleen : Älä anna pankkitunnuksiasi kenellekään

Spanish state-owned railway infrastructure manager ADIF infected with ransomware

securityaffairs.co/wordpress/106304/cyber-crime/adif-revil-ransomware-attack.html ADIF, a Spanish state-owned railway infrastructure manager under the responsibility of the Ministry of Development, was hit by REVil ransomware operators

Twitter hackers read private messages of 36 high-profile accounts

www.bleepingcomputer.com/news/security/twitter-hackers-read-private-messages-of-36-high-profile-accounts/ Twitter today admitted that the attackers behind last week’s incident read the private messages of 36 out of a total of 130 high-profile accounts targeted in the attack. Lisäksi

www.theregister.com/2020/07/23/twitter_hack_dutch_politician_dms_accessed/ ja

threatpost.com/twitter-hackers-private-messages-elite-accounts/157657/

ASUS Home Router Bugs Open Consumers to Snooping Attacks

threatpost.com/asus-home-router-bugs-snooping-attacks/157682/ The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router. Lisäksi

nakedsecurity.sophos.com/2020/07/24/asus-routers-could-be-reflashed-with-malware-patch-now/

Yhdysvaltain ja Kiinan kylmä sota jatkuu kahta kiinalaishakkeria syytetään yritysvakoilusta

www.kauppalehti.fi/uutiset/yhdysvaltain-ja-kiinan-kylma-sota-jatkuu-kahta-kiinalaishakkeria-syytetaan-yritysvakoilusta/dbbfd712-71de-478b-9943-f8ebebd26997 Yhdysvallat on julkaissut tietoja syytteestä kahta kiinalaishakkeria kohtaan. Syytteen mukaan hakkerit onnistuivat kymmenen vuoden aikana kaappaamaan valtavan määrän salaista dataa amerikkalaisyrityksistä. Lisäksi

garwarner.blogspot.com/2020/07/chinese-covid-19-hackers-indicted-after.html

New variant of Phobos ransomware is coming

blog.360totalsecurity.com/en/new-variant-of-phobos-ransomware-is-coming/ Recently, 360 Security Center has detected that a new variant of the Phobos ransomware virus appeared on the network. The virus uses software such as system activation tools as a carrier to induce users to download and install, steal the user’s machine information, and further pass the Trojan C&C server Download encryption ransomware related programs and implement Bitcoin ransomware.

A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs

www.zdnet.com/article/a-vigilante-is-sabotaging-the-emotet-botnet-by-replacing-malware-payloads-with-gifs/ An unknown vigilante hacker has been sabotaging the operations of the recently-revived Emotet botnet by replacing Emotet payloads with animated GIFs, effectively preventing victims from getting infected.

Alert (AA20-206A) Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

us-cert.cisa.gov/ncas/alerts/aa20-206a CISA is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. released a patch for CVE-2020-5902 on June 30, 2020. Unpatched F5 BIG-IP devices are an attractive target for malicious actors. Affected organizations that have not applied the patch to fix this critical remote code execution (RCE) vulnerability risk an attacker exploiting CVE-2020-5902 to take control of their system. Note: F5’s security advisory for CVE-2020-5902 states that there is a high probability that any remaining unpatched devices are likely already compromised.

You might be interested in …

Daily NCSC-FI news followup 2020-04-19

www.wired.com/story/apple-google-social-distancing-maps-privacy/ www.zdnet.com/article/hackers-steal-25-million-worth-of-cryptocurrency-from-uniswap-and-lendf-me/ www.zdnet.com/article/hacker-leaks-23-million-usernames-and-passwords-from-webkinz-childrens-game/ www.zdnet.com/article/phishing-kit-prices-skyrocketed-in-2019-by-149/ www.bloomberg.com/news/articles/2020-04-17/data-breach-shows-iranians-use-chat-apps-to-spy-researchers-say www.bleepingcomputer.com/news/security/coronavirus-dark-web-scams-from-infected-blood-to-ventilators/

Read More

Daily NCSC-FI news followup 2020-04-24

New Training: on orchestration of CSIRT Tools www.enisa.europa.eu/news/enisa-news/csirt-training-tools-new-orchestration The EU agency for Cybersecurity introduces new training materials to support Member States’ CSIRTs. ENISA puts great effort into supporting the development of EU Member States’ national incident response preparedness. To that purpose, ENISA updated its CSIRT training material aimed at improving the skills of CSIRT teams. […]

Read More

Daily NCSC-FI news followup 2020-06-01

Postin nimissä käynnissä kolme huijausta, yksi on erityisen häijy – numerostasi lähetetään viestejä www.is.fi/digitoday/tietoturva/art-2000006523529.html Oikeissa Postin viesteissä ei pääsääntöisesti ole linkkejä. Jos seuraat linkkiä verkkosivulle, tarkista sen osoite osoiteriviltä. Väärien sivujen osoitteet eivät usein muistuta juuri lainkaan aitoa osoitetta. Suhtaudu varauksella kaikkiin viesteihin, joissa sinulta pyydetään maksua tai sinun halutaan kirjautuvan jonnekin pankkitunnuksillasi. Katso myös: […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.