Daily NCSC-FI news followup 2020-08-10

Onko Android-puhelimessasi haittaohjelma? Nämä oireet enteilevät pahaa

www.is.fi/digitoday/tietoturva/art-2000006594928.html Haittaohjelmat uhkaavat Android-käyttäjiä jopa virallisessa Google Play -latauskaupassa. Niiden aiheuttamat vahingot voivat näkyä esimerkiksi puhelinlaskussa, mutta haittaohjelman voi usein tunnistaa jo ennen sitä tarkkailemalla puhelimen käytöstä.

FBI says an Iranian hacking group is attacking F5 networking devices

www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/ Sources: Attacks linked to a hacker group known as Fox Kitten (or Parisite), considered Iran’s “spear tip” when it comes to cyber-attacks. A group of elite hackers associated with the Iranian government has been detected attacking the US private and government sector, according to a security alert sent by the FBI last week.

SBA phishing scams: from malware to advanced social engineering

blog.malwarebytes.com/scams/2020/08/sba-phishing-scams-from-malware-to-advanced-social-engineering/ A number of threat actors continue to take advantage of the ongoing coronavirus pandemic through phishing scams and other campaigns distributing malware.

DDoS Attacks Cresting Amid Pandemic

threatpost.com/ddos-attacks-cresting-pandemic/158211/ Attacks were way up year-over-year in the second quarter as people continue to work from home. The number of distributed denial-of-service (DDoS) attacks spiked in the second quarter of 2020, researchers said. According to the latest Kaspersky quarterly DDoS attacks report, DDoS events were three times more frequent in comparison to the second quarter last year (up 217 percent), and were up 30 percent from the number of DDoS attacks observed in the first quarter of 2020. Read also:

securelist.com/ddos-attacks-in-q2-2020/98077/

Suomalainen tietoturva-startup voitolliseksi jo kahdessa vuodessa Kryptografia on tarkkaa bisnestä: “Isolta firmalta vaatii rohkeutta tilata kriittisiä toimintoja pienemmältä tekijältä”

www.kauppalehti.fi/uutiset/suomalainen-tietoturva-startup-voitolliseksi-jo-kahdessa-vuodessa-kryptografia-on-tarkkaa-bisnesta-isolta-firmalta-vaatii-rohkeutta-tilata-kriittisia-toimintoja-pienemmal… Otaniemeläinen tietoturva-alan kasvuyhtiö Xiphera katsoo, että laitteistopohjainen kryptografia olisi usein turvallisempi ratkaisu tietojen salaamiseen kuin tavanomainen ohjelmistoihin perustuva salaus. Tarve korostuu kriittisissä käyttötarkoituksissa, kuten teollisuusautomaatiossa ja kriittisessä infrastruktuurissa. Näissä kohteissa laitteistollinen salaus onkin alkanut yleistyä viime vuosina, Xipheran toimitusjohtaja ja toinen perustajaosakas Matti Tommiska sanoo. Xiphera ei kuitenkaan itse tuota konkreettisia laitteita, vaan suunnittelee salaustoiminnallisuuksia fyysisesti ohjelmoitaviin fpga-piireihin. Teollisuusautomaation lisäksi esimerkkisovelluksia fpga-pohjaiselle fyysiselle tietoturvalle ovat esineiden internet, etäohjaus, hajautettu laskenta sekä korkean tietoturvan viestintä.

Bulletin (SB20-223) – Vulnerability Summary for the Week of August 3, 2020

us-cert.cisa.gov/ncas/bulletins/sb20-223 The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Office Drama on macOS – infecting macOS via macro-laden documents and 0days

objective-see.com/blog/blog_0x4B.html

You might be interested in …

Daily NCSC-FI news followup 2019-06-28

Exclusive: Western intelligence hacked ‘Russia’s Google’ Yandex to spy on accounts – sources www.reuters.com/article/us-usa-cyber-yandex-exclusive/exclusive-western-intelligence-hacked-russias-google-yandex-to-spy-on-accounts-sources-idUSKCN1TS2SX Hackers working for Western intelligence agencies broke into Russian internet search company Yandex in late 2018 deploying a rare type of malware in an attempt to spy on user accounts, four people with knowledge of the matter told Reuters.. The malware, […]

Read More

Daily NCSC-FI news followup 2021-09-16

APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus us-cert.cisa.gov/ncas/alerts/aa21-259a The FBI, CISA, and CGCYBER assess that advanced persistent threat (APT) cyber actors are likely among those exploiting the vulnerability. The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use […]

Read More

Daily NCSC-FI news followup 2020-02-23

U.S. Defense Agency That Secures Trumps Communications Confirms Data Breach www.forbes.com/sites/daveywinder/2020/02/21/us-defense-agency-that-secures-trumps-communications-confirms-data-breach/ The Department of Defense agency responsible for securing the communications of President Trump has suffered a data breach. Heres what is known so far. Governments of the world just ramped up spying on reporters www.cjr.org/first_person/ft-nations-surveillance-attacks.php Transparent Tribe: Four Years Later blog.yoroi.company/research/transparent-tribe-four-years-later/ Operation Transparent Tribe […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.