Daily NCSC-FI news followup 2020-07-27

Alert (AA20-209A) Potential Legacy Risk from Malware Targeting QNAP NAS Devices

us-cert.cisa.gov/ncas/alerts/aa20-209 CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) devices manufactured by the firm QNAP. All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes. The malware, documented in open-source reports, has infected thousands of devices worldwide with a particularly high number of infections in North America and Europe. Further, once a device has been infected, attackers can prevent administrators from successfully running firmware updates. This alert summarizes the findings of CISA and NCSC analysis and provides mitigation advice. See also

www.zdnet.com/article/cisa-says-62000-qnap-nas-devices-have-been-infected-with-the-qsnatch-malware/#ftag=RSSbaffb68 and

www.bleepingcomputer.com/news/security/uk-and-us-warn-qnap-owners-to-upgrade-firmware-to-block-malware/. See also the Finnish National Cyber Security Centre (Kyberturvallisuuskeskus) article

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/qsnatch-qnap-nas-laitteisiin-suunnattu-haittaohjelma (2019)

Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

threatpost.com/attackers-exploiting-high-severity-network-security-flaw-cisco-warns/157756/ Attackers are exploiting a high-severity vulnerability in Cisco’s network security software products, which are used by Fortune 500 companies.

Garmin begins to restore Garmin Connect features, services, says customer data not impacted

www.zdnet.com/article/garmin-begins-to-restore-garmin-connect-features-services/ Garmin has started to bring its Garmin Connect software back online after a ransomware attack shelved the system since late Wednesday. The company also said that customer data hasn’t been impacted and that its cyberattack occurred July 23. See also Garmin's statement

www.businesswire.com/news/home/20200727005634/en/Garmin%C2%AE-issues-statement-outage. See also www.is.fi/digitoday/tietoturva/art-2000006583230.html and

www.bleepingcomputer.com/news/security/garmin-confirms-ransomware-attack-services-coming-back-online/ and www.bbc.com/news/technology-53553576 and


Tech unicorn Dave admits to security breach impacting 7.5 million users

www.zdnet.com/article/tech-unicorn-dave-admits-to-security-breach-impacting-7-5-million-users Digital banking app and tech unicorn Dave.com confirmed today a security breach after a hacker published the details of 7,516,625 users on a public forum. See also

www.tivi.fi/uutiset/tv/dcc16173-86da-4097-a617-54f7a9c38a5e – Hackers cracked open a popular banking app: the data of 7.5 million customers was taken. See also


ProLock ransomware new report reveals the evolution of a threat

nakedsecurity.sophos.com/2020/07/27/prolock-ransomware-new-report-reveals-the-evolution-of-a-threat/ SophosLabs has just published a new report on a ransomware strain known as ProLock, which is interesting not so much for its implementation as for its evolution. See also Sophos's report


No More Ransom turns 4: Saves $632 million in ransomware payments

www.bleepingcomputer.com/news/security/no-more-ransom-turns-4-saves-632-million-in-ransomware-payments/ The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. No More Ransom was created in 2016 through an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, and McAfee to battle ransomware and provide free decryption services and support to victims. See also


FBI warns cyber actors abusing protocols as new DDoS attack vectors

securityaffairs.co/wordpress/106419/cyber-crime/fbi-warns-ddos-attacks-protocols.html The FBI issued an alert last week warning about the discovery of new network protocols that have been exploited to launch large-scale DDoS attacks. See also

dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/external/fbi-private-industry-notification-20200721-002.pdf (the FBI's notification)
