Daily NCSC-FI news followup 2020-07-25

Will Garmin Pay $10m Ransom To End Two-Day Outage?

www.forbes.com/sites/barrycollins/2020/07/25/will-garmin-pay-10m-ransom-to-end-two-day-outage/ Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days. Lisäksi yle.fi/uutiset/3-11465640

Hackers actively exploit high-severity networking vulnerabilities

arstechnica.com/information-technology/2020/07/hackers-actively-exploit-high-severity-networking-vulnerabilities/ Hackers are actively exploiting two unrelated high-severity vulnerabilities that allow unauthenticated access or even a complete takeover of networks run by Fortune 500 companies and government organizations.

Russia’s GRU Hackers Hit US Government and Energy Targets

www.wired.com/story/russia-fancy-bear-us-hacking-campaign-government-energy/ A previously unreported Fancy Bear campaign persisted for well over a yearand indicates that the notorious group has broadened its focus.

Yhdysvaltalaiset viranomaiset menivät voimakeinoin sisälle Kiinan Houstonin-konsulaattiin

yle.fi/uutiset/3-11465379 Yhdysvaltalaisten viranomaisten on nähty menevän sisään Kiinan konsulaattiin Houstonissa käyttäen rakennuksen takaovea, kertoo uutistoimisto Reuters

Microsoft seizes control of domains used in phishing attacks

www.pandasecurity.com/mediacenter/adaptive-defense/microsoft-control-phishing-domains/ Compromised or malicious websites are a main channel for the propagation of malware infections for all kinds of devices. Simply avoiding dubious websites reduces your chances of being infected by malware, yet the real problem is often that we are unaware that we are running this risk

Ubiquiti, go write on the board 100 times, ‘I must validate input data before using it’… Update silently breaks IDS/IPS

www.theregister.com/2020/07/23/ubiquiti_borked_by_rules/ Unfortunately, from Friday to last night, a collection of rules ranging from worm and trojan detection to rogue external netblocks contained invalid data, which caused Ubiquiti’s device software to ignore those rules completely.

Leveraging Open Source Can be Powerful for Cybersecurity

securityintelligence.com/posts/open-source-cybersecurity/ Security vendors and end users have access to the same technology and resources, if not more, than the threat actor community. However, the area where cybersecurity falls short as an industry is teamwork. Vendors and end users rarely talk to each other as a broader force.

Five regular checks for Android

www.kaspersky.com/blog/five-regular-checks-for-android/36440/ To make sure that you remain in control of your data wealth, some regular maintenance is required think of it like brushing your teeth, only it’s your phone you need to clean. In this post, we talk about five regular safety and security checks for Android smartphones.

Spotify Security Hole Lets Strangers Into Your Family Account

www.forbes.com/sites/barrycollins/2020/07/23/spotify-security-hole-lets-strangers-into-your-family-account/ Spotify customers are complaining that strangers are breaking into their Family accounts, years after the problem was first raised with the music-streaming service.

You might be interested in …

Daily NCSC-FI news followup 2019-10-25

Cachet Financial Reeling from MyPayrollHR Fraud krebsonsecurity.com/2019/10/cachet-financial-reeling-from-mypayrollhr-fraud/ When New York-based cloud payroll provider MyPayrollHR unexpectedly shuttered its doors last month and disappeared with $26 million worth of customer payroll deposits, its payment processor Cachet Financial Services ended up funding the bank accounts of MyPayrollHR client company employees anyway, graciously eating a $26 million loss which […]

Read More

Daily NCSC-FI news followup 2020-04-10

Large email extortion campaign underway, DON’T PANIC! www.bleepingcomputer.com/news/security/large-email-extortion-campaign-underway-dont-panic/ A large email extortion campaign is underway telling recipients that their computer was hacked and that a video was taken through the hacked computer’s webcam. The attackers then demand $1,900 in bitcoins or the video will be sent to family and friends. Ransomware scumbags leak Boeing, Lockheed […]

Read More

Daily NCSC-FI news followup 2019-06-11

Wi-Fi in the office convenient but risky www.kaspersky.com/blog/vulnerable-wi-fi/27250/ Almost every office has a Wi-Fi network today, and sometimes more than one. Who wants to connect laptops with a cable? And forget about smartphones and tablets! However, a wireless network can be a weak point in your IT infrastructure. Not all companies use complex and unique […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.