Daily NCSC-FI news followup 2020-07-25

Will Garmin Pay $10m Ransom To End Two-Day Outage?

www.forbes.com/sites/barrycollins/2020/07/25/will-garmin-pay-10m-ransom-to-end-two-day-outage/ Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days. See also yle.fi/uutiset/3-11465640

Hackers actively exploit high-severity networking vulnerabilities

arstechnica.com/information-technology/2020/07/hackers-actively-exploit-high-severity-networking-vulnerabilities/ Hackers are actively exploiting two unrelated high-severity vulnerabilities that allow unauthenticated access or even a complete takeover of networks run by Fortune 500 companies and government organizations.

Russia’s GRU Hackers Hit US Government and Energy Targets

www.wired.com/story/russia-fancy-bear-us-hacking-campaign-government-energy/ A previously unreported Fancy Bear campaign persisted for well over a year and indicates that the notorious group has broadened its focus.

US authorities forcibly entered China's consulate in Houston

yle.fi/uutiset/3-11465379 US authorities have been seen entering the Chinese consulate in Houston through the building's back door, the news agency Reuters reports.

Microsoft seizes control of domains used in phishing attacks

www.pandasecurity.com/mediacenter/adaptive-defense/microsoft-control-phishing-domains/ Compromised or malicious websites are a main channel for the propagation of malware infections for all kinds of devices. Simply avoiding dubious websites reduces your chances of being infected by malware, yet the real problem is often that we are unaware that we are running this risk

Ubiquiti, go write on the board 100 times, ‘I must validate input data before using it’… Update silently breaks IDS/IPS

www.theregister.com/2020/07/23/ubiquiti_borked_by_rules/ Unfortunately, from Friday to last night, a collection of rules ranging from worm and trojan detection to rogue external netblocks contained invalid data, which caused Ubiquiti’s device software to ignore those rules completely.

Leveraging Open Source Can be Powerful for Cybersecurity

securityintelligence.com/posts/open-source-cybersecurity/ Security vendors and end users have access to the same technology and resources, if not more, than the threat actor community. However, the area where cybersecurity falls short as an industry is teamwork. Vendors and end users rarely talk to each other as a broader force.

Five regular checks for Android

www.kaspersky.com/blog/five-regular-checks-for-android/36440/ To make sure that you remain in control of your data wealth, some regular maintenance is required: think of it like brushing your teeth, only it’s your phone you need to clean. In this post, we talk about five regular safety and security checks for Android smartphones.

Spotify Security Hole Lets Strangers Into Your Family Account

www.forbes.com/sites/barrycollins/2020/07/23/spotify-security-hole-lets-strangers-into-your-family-account/ Spotify customers are complaining that strangers are breaking into their Family accounts, years after the problem was first raised with the music-streaming service.
