
Daily NCSC-FI news followup 2020-07-28

Garmin apps used in smartwatches are working again after several days; the company admits it was the target of a cyberattack

yle.fi/uutiset/3-11467797 Garmin, which makes smartwatches among other things, admits it was the target of a cyberattack. According to the company, its apps were coming back online on Monday after an outage of several days. They should return to normal within a few days. Also

www.forbes.com/sites/barrycollins/2020/07/28/garmin-risks-repeat-attack-if-it-paid-10-million-ransom/ and

www.tivi.fi/uutiset/tv/5beb6fe2-dc58-4e3b-9494-0ab3284c8ffd. and

www.bleepingcomputer.com/news/security/garmin-confirms-ransomware-attack-services-coming-back-online/. Also

arstechnica.com/information-technology/2020/07/garmans-four-day-service-meltdown-was-caused-by-ransomware/ and www.is.fi/digitoday/tietoturva/art-2000006584082.html and

www.zdnet.com/article/garmin-begins-to-restore-garmin-connect-features-services. Also

www.mtvuutiset.fi/artikkeli/hakkerit-loivat-alykellovalmistaja-garminin-polvilleen-maksakaa-rahaa-niin-saatte-tiedostot-takaisin-kayttoonne/7881604

Lazarus on the hunt for big game

securelist.com/lazarus-on-the-hunt-for-big-game/97757/ We may only be six months in, but there’s little doubt that 2020 will go down in history as a rather unpleasant year. In the field of cybersecurity, the collective hurt mostly crystallized around the increasing prevalence of targeted ransomware attacks. Also

www.bleepingcomputer.com/news/security/north-korean-hackers-created-vhd-ransomware-for-enterprise-attacks/ and

www.zdnet.com/article/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware

Industrial VPN vulnerabilities put critical infrastructure at risk

www.bleepingcomputer.com/news/security/industrial-vpn-vulnerabilities-put-critical-infrastructure-at-risk/ Security researchers analyzing popular remote access solutions used for industrial control systems (ICS) found multiple vulnerabilities that could let unauthenticated attackers execute arbitrary code and breach the environment. The flaws are in virtual private network (VPN) implementations and adversaries could exploit them to cause physical damage by connecting to field devices and programmable logic controllers (PLCs). Also

www.claroty.com/2020/07/28/vpn-security-flaws/

CISO concern grows as ransomware plague hits close to home – The hitting of Fortune 500 companies with malware is starting to ring alarm bells

www.zdnet.com/article/ciso-concern-grows-as-ransomware-plague-hits-close-to-home Garmin is currently wrestling with a ransomware-induced outage, and locally in Australia, 2020 has seen ransomware take out major companies and threaten beer supplies when it hit logistics giant Toll and beverage company Lion. Toll has only recently recovered from its second dose of the year.

EMOTET reemerges after months in hiding

www.pandasecurity.com/mediacenter/adaptive-defense/malware-emotet-reemerges/ In this latest reappearance, Emotet has returned to one of its favorite attack vectors: a massive spam campaign with malicious links or attachments. Looking back over its history, malspam has been the prime channel through which Emotet has spread.

Promo.com discloses data breach after 22M user records leaked online

www.bleepingcomputer.com/news/security/promocom-discloses-data-breach-after-22m-user-records-leaked-online/ Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum. Promo is a web site that allows you to create promotional videos or ads that can then be shared on social networks such as Facebook, Instagram, Twitter, and LinkedIn.

Undetectable Linux Malware Targeting Docker Servers With Exposed APIs

thehackernews.com/2020/07/docker-linux-malware.html Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure, and Alibaba Cloud. Also

www.zdnet.com/article/new-linux-malware-uses-dogecoin-api-to-find-c-c-server-addresse

Google’s new transatlantic data cable to land in Cornwall

www.bbc.com/news/technology-53553580 The tech giant says it is incorporating new technology into the cable, which it claims is a significant upgrade to older existing lines. The project is expected to be completed by 2022.

Magento gets security updates for severe code execution bugs

www.bleepingcomputer.com/news/security/magento-gets-security-updates-for-severe-code-execution-bugs/ Adobe today released security updates to fix two code execution vulnerabilities affecting Magento Commerce and Magento Open Source, rated as important and critical severity
