Daily NCSC-FI news followup 2020-07-29

www.zdnet.com/article/hacker-gang-behind-garmin-attack-doesnt-have-a-history-of-stealing-user-data

‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot

www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-systems-using-grub2-and-secure-boot The vulnerability, codenamed BootHole, allows attackers to tamper with the boot-loading process that precedes starting up the actual operating system (OS). Lisäksi: kb.cert.org/vuls/id/174059 ja

www.openwall.com/lists/oss-security/2020/07/29/3. Lisäksi:

www.bleepingcomputer.com/news/security/boothole-grub-bootloader-bug-lets-hackers-hide-malware-in-linux-windows/ ja www.theregister.com/2020/07/29/grub2_code_exec_flaw/ ja

eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

APT reports – APT trends report Q2 2020

securelist.com/apt-trends-report-q2-2020/97937/ For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of.

Cisco fixes severe flaws in data center management solution

www.bleepingcomputer.com/news/security/cisco-fixes-severe-flaws-in-data-center-management-solution/ Cisco today has released several security updates to address three critical authentication bypass, buffer overflow, and authorization bypass vulnerabilities found to affect Cisco Data Center Network Manager (DCNM) and multiple Cisco SD-WAN software products.

Critical Security Flaw in WordPress Plugin Allows RCE

threatpost.com/critical-rce-flaw-wordpress-plugin-on-70k-sites/157824/ Researchers are warning of a critical vulnerability in a WordPress plugin called Comments wpDiscuz, which is installed on more than 70, 000 websites. The flaw gives unauthenticated attackers the ability to upload arbitrary files (including PHP files) and ultimately execute remote code on vulnerable website servers. Lisäksi

www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-take-over-hosting-account/

Klassinen sähköpostimoka paljasti ison läjän tunnettujen teknologiavaikuttajien sähköposteja mukana myös Jeff Bezos

www.tivi.fi/uutiset/tv/d30ee2bf-2130-4801-89a4-27637e78e57e Uutiskirjepalvelu Substackilla kävi klassinen moka, kun yli 500 palvelun käyttäjän sähköpostiosoitteet paljastuivat, kirjoittaa Gizmodo. Mukana oli monia teknologiamaailmassa tunnettuja henkilöitä. Lisäksi

gizmodo.com/substack-just-accidentally-revealed-email-addresses-of-1844538889

Microsoft to remove all SHA-1 Windows downloads next week

www.zdnet.com/article/microsoft-to-remove-all-sha-1-windows-downloads-next-week Microsoft announced this week plans to remove all Windows-related file downloads from the Microsoft Download Center that are cryptographically signed with the Secure Hash Algorithm 1 (SHA-1). The files will be removed next Monday, on August 3, the company said on Tuesday. Lisäksi

www.bleepingcomputer.com/news/microsoft/microsoft-to-remove-all-windows-downloads-signed-with-sha-1/

Today’s mega’ data breaches now cost companies $392 million to recover from

www.zdnet.com/article/todays-mega-data-breaches-now-cost-companies-392-million-in-damages-lawsuits The average cost of a “mega” data breach has risen astronomically over the past year and enterprise players impacted by such a security incident can expect to pay up to $392 million.

You might be interested in …

Daily NCSC-FI news followup 2020-08-25

DDoS Hide & Seek: On the Effectiveness of a Booter Services Takedown labs.ripe.net/Members/daniel_kopp/ddos-hide-and-seek In this article, we investigated booter-based DDoS attacks in the wild and the impact of an FBI takedown targeting fifteen booter websites in December 2018. We investigated and compared attack properties of multiple booter services by launching DDoS attacks against our own […]

Read More

Daily NCSC-FI news followup 2019-12-23

Finnish government supports local authorities in cyber security initiative www.computerweekly.com/news/252475795/Finnish-government-supports-local-authorities-in-cyber-security-initiative Over 200 of Finlands 311 municipalities have joined the Local Government Anti Cyberspace Threats (LGACT) project to conduct joint IT network defence exercises. Venäjä testasi verkkoyhteyksiä ulkoisen hyökkäyksen varalta yle.fi/uutiset/3-11133312 Venäjän viranomaiset ilmoittavat varautuvansa ääritilanteeseen, jossa maa joutuisi maailmanlaajuisen verkon ulkopuolelle ja eristyksiin muusta maailmasta. […]

Read More

Daily NCSC-FI news followup 2021-07-21

Virtuaalivaluuttoihin liittyviä rahanpesuilmoituksia alkuvuonna yli 3, 4 miljoonaa kappaletta, kertoo KRP www.is.fi/digitoday/tietoturva/art-2000008140592.html Selvittelykeskus kirjasi kesäkuun loppuun mennessä rahanpesurekisteriin ennätykselliset yli 3466000 epäilyttävää liiketoimea tai epäiltyä terrorismin rahoittamista koskevaa ilmoitusta. Näistä noin 26600 tuli muilta kuin virtuaalivaluuttapalveluihin liittyviltä tahoilta. Suomi ja Singapore 6g-yhteistyöhön “Voimme saavuttaa molemminpuolista etua” www.tivi.fi/uutiset/tv/45e16ffc-1ba1-411e-87be-edbcd797803f Oulun yliopiston koordinoima 6g-teknologian tutkimus- ja kehitysohjelma 6g […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.