Daily NCSC-FI news followup 2020-07-27

Alert (AA20-209A) Potential Legacy Risk from Malware Targeting QNAP NAS Devices

us-cert.cisa.gov/ncas/alerts/aa20-209 CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) devices manufactured by the firm QNAP.. All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes. The malware, documented in open-source reports, has infected thousands of devices worldwide with a particularly high number of infections in North America and Europe. Further, once a device has been infected, attackers can prevent administrators from successfully running firmware updates. This alert summarizes the findings of CISA and NCSC analysis and provides mitigation advice. Lisäksi

www.zdnet.com/article/cisa-says-62000-qnap-nas-devices-have-been-infected-with-the-qsnatch-malware/#ftag=RSSbaffb68 ja

www.bleepingcomputer.com/news/security/uk-and-us-warn-qnap-owners-to-upgrade-firmware-to-block-malware/. Lisäksi Kyberturvallisuuskeskuksen artikkeli

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/qsnatch-qnap-nas-laitteisiin-suunnattu-haittaohjelma (2019)

Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

threatpost.com/attackers-exploiting-high-severity-network-security-flaw-cisco-warns/157756/ Attackers are exploiting a high-severity vulnerability in Cisco’s network security software products, which is used by Fortune 500 companies.

Garmin begins to restore Garmin Connect features, services, says customer data not impacted

www.zdnet.com/article/garmin-begins-to-restore-garmin-connect-features-services/ Garmin has started to bring its Garmin Connect software back online after a ransomware attack shelved the system since late Wednesday. The company also said that customer data hasn’t been impacted and that its cyberattack occurred July 23. Lisäksi Garminin lausunto

www.businesswire.com/news/home/20200727005634/en/Garmin%C2%AE-issues-statement-outage. Lisäksi www.is.fi/digitoday/tietoturva/art-2000006583230.html ja

www.bleepingcomputer.com/news/security/garmin-confirms-ransomware-attack-services-coming-back-online/ ja www.bbc.com/news/technology-53553576 ja


Tech unicorn Dave admits to security breach impacting 7.5 million users

www.zdnet.com/article/tech-unicorn-dave-admits-to-security-breach-impacting-7-5-million-users Digital banking app and tech unicorn Dave.com confirmed today a security breach after a hacker published the details of 7, 516, 625 users on a public forum. Lisäksi

www.tivi.fi/uutiset/tv/dcc16173-86da-4097-a617-54f7a9c38a5e – Hakkerit korkkasivat suositun pankkisovelluksen: 7, 5 miljoonan asiakkaan tiedot vietiin. Lisäksi


ProLock ransomware new report reveals the evolution of a threat

nakedsecurity.sophos.com/2020/07/27/prolock-ransomware-new-report-reveals-the-evolution-of-a-threat/ SophosLabs has just published a new report on a ransomware strain known as ProLock, which is interesting not so much for its implementation as for its evolution. Lisäksi Sophoksen raportti


No More Ransom turns 4: Saves $632 million in ransomware payments

www.bleepingcomputer.com/news/security/no-more-ransom-turns-4-saves-632-million-in-ransomware-payments/ The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. No More Ransom was created in 2016 through an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, and McAfee to battle ransomware and provide free decryption services and support to victims. Lisäksi


FBI warns cyber actors abusing protocols as new DDoS attack vectors

securityaffairs.co/wordpress/106419/cyber-crime/fbi-warns-ddos-attacks-protocols.html The FBI issued an alert last week warning about the discovery of new network protocols that have been exploited to launch large-scale DDoS attacks. Lisäksi

dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/external/fbi-private-industry-notification-20200721-002.pdf (FBI:n ilmoitus)

You might be interested in …

Daily NCSC-FI news followup 2019-06-11

Wi-Fi in the office convenient but risky www.kaspersky.com/blog/vulnerable-wi-fi/27250/ Almost every office has a Wi-Fi network today, and sometimes more than one. Who wants to connect laptops with a cable? And forget about smartphones and tablets! However, a wireless network can be a weak point in your IT infrastructure. Not all companies use complex and unique […]

Read More

Daily NCSC-FI news followup 2019-10-19

Schneier: Why Technologists Need to Get Involved in Public Policy www.schneier.com/blog/archives/2019/10/why_technologis.html US stopped using floppy disks to manage nuclear weapons arsenal www.zdnet.com/article/us-stopped-using-floppy-disks-to-manage-nuclear-weapons-arsenal/ The system was created in 1968 and has been running for nearly 50 years on top of an IBM Series/1 mainframe, using 8-inch floppy disks as its storage medium. US.GOV: Mind Your Own […]

Read More

Daily NCSC-FI news followup 2019-09-03

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming krebsonsecurity.com/2019/09/feds-allege-adconion-employees-hijacked-ip-addresses-for-spamming/ Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. KrebsOnSecurity has learned that the charges are likely just the opening […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.