Daily NCSC-FI news followup 2020-08-18

Emotet malware is being actively distributed in Finland

www.kyberturvallisuuskeskus.fi/fi/emotet-haittaohjelmaa-levitetaan-aktiivisesti-suomessa Emotet malware is being spread by e-mail in the names of Finnish organisations. The purpose of the malware attack is to steal information from organisations, and the same attack makes it possible to penetrate deeper into the network and launch, for example, a ransomware attack. The attack campaign has been seen active since 17 August 2020.


World’s largest cruise line operator discloses ransomware attack

www.zdnet.com/article/worlds-largest-cruise-line-operator-discloses-ransomware-attack/ Carnival Corp says it suffered a ransomware attack on Saturday, August 15, and that hackers stole some of its data.

EmoCrash Exploit Stoppered Emotet For 6 Months

threatpost.com/emocrash-exploit-emotet-6-months/158414/ A researcher developed a killswitch exploiting a buffer overflow in Emotet preventing the malware from infecting systems for six months.

Critical Jenkins Server Vulnerability Could Leak Sensitive Information

thehackernews.com/2020/08/jenkins-server-vulnerability.html Jenkins, a popular open-source automation server software, published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed.

IcedID Trojan Rebooted with New Evasive Tactics

threatpost.com/icedid-trojan-rebooted-evasive-tactics/158425/ Juniper identifies phishing campaign targeting business customers with malware using password protection, among other techniques, to avoid detection.

US Army report says many North Korean hackers operate from abroad

www.zdnet.com/article/us-army-report-says-many-north-korean-hackers-operate-from-abroad/ US Army says many North Korean hackers are actually located outside the hermit kingdom, in countries like Belarus, China, India, Malaysia, and Russia.

COVID-19 Pandemic Persists While Extortion Ransomware Operators Run Rampant

www.recordedfuture.com/pandemic-ransomware-operators/ Two major trends in malware development and deployment dominated headlines throughout the first half of 2020: COVID-19 and extortion ransomware. 2020 has been a challenging year, and the cyber threat landscape was no exception.

Ukraine arrests gang who ran 20 crypto-exchanges and laundered money for ransomware gangs

www.zdnet.com/article/ukraine-arrests-gang-who-ran-20-crypto-exchanges-and-laundered-money-for-ransomware-gangs/ Gang is believed to have laundered more than $42 million in criminal proceeds.

Please stop hard-wiring AWS credentials in your code. Looking at you, uni COVID-19 track-and-test app makers

www.theregister.com/2020/08/17/albion_college_coronavirus_tracking_app/ Albion College has a plan for students to return safely to campus this fall amid the COVID-19 coronavirus pandemic. It involves being tracked by an app that, at least until a few days ago, appears to have been insecure.

Large Orgs Plagued with Bugs, Face Giant Patch Backlogs

threatpost.com/large-orgs-plagued-bugs-patch-backlogs/158433/ Vulnerability management continues to challenge businesses, as they face tens of thousands of bugs with every scan.

How cybercriminals victimize WoW players

www.kaspersky.com/blog/wow-phishing/36752/ How attackers hunt for Battle.net accounts in World of Warcraft, aiming to get valuable content.

This blind spot for security teams is growing with the coronavirus pandemic

www.tivi.fi/uutiset/tv/94f4b44d-231e-4182-94bf-96d676d83a4f Companies have no means to dictate what kind of IoT devices remote workers use on their home networks. IT departments have rather few options for protecting companies' important data assets.
