Daily NCSC-FI news followup 2020-08-18

Emotet-haittaohjelmaa levitetään aktiivisesti Suomessa

www.kyberturvallisuuskeskus.fi/fi/emotet-haittaohjelmaa-levitetaan-aktiivisesti-suomessa Emotet-haittaohjelmaa levitetään sähköpostitse suomalaisten organisaatioiden nimissä. Haittaohjelmahyökkäyksen tarkoituksena on varastaa organisaatioista tietoja, ja samalla hyökkäyksellä on mahdollista tunkeutua verkkoon syvemmälle ja käynnistää esimerkiksi kiristyshaittaohjelmahyökkäys. Hyökkäyskampanja on näkynyt aktiivisena 17.8.2020 alkaen.. see also


World’s largest cruise line operator discloses ransomware attack

www.zdnet.com/article/worlds-largest-cruise-line-operator-discloses-ransomware-attack/ Carnival Corp says it suffered a ransomware attack on Saturday, August 15, and that hackers stole some of its data.

EmoCrash Exploit Stoppered Emotet For 6 Months

threatpost.com/emocrash-exploit-emotet-6-months/158414/ A researcher developed a killswitch exploiting a buffer overflow in Emotet preventing the malware from infecting systems for six months.

Critical Jenkins Server Vulnerability Could Leak Sensitive Information

thehackernews.com/2020/08/jenkins-server-vulnerability.html Jenkinsa popular open-source automation server softwarepublished an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed.

IcedID Trojan Rebooted with New Evasive Tactics

threatpost.com/icedid-trojan-rebooted-evasive-tactics/158425/ Juniper identifies phishing campaign targeting business customers with malware using password protection, among other techniques, to avoid detection.

US Army report says many North Korean hackers operate from abroad

www.zdnet.com/article/us-army-report-says-many-north-korean-hackers-operate-from-abroad/ US Army says many North Korean hackers are actually located outside the hermit kingdom, in countries like Belarus, China, India, Malaysia, and Russia.

COVID-19 Pandemic Persists While Extortion Ransomware Operators Run Rampant

www.recordedfuture.com/pandemic-ransomware-operators/ Two major trends in malware development and deployment dominated headlines throughout the first half of 2020: COVID-19 and extortion ransomware. 2020 has been a challenging year, and the cyber threat landscape was no exception.

Ukraine arrests gang who ran 20 crypto-exchanges and laundered money for ransomware gangs

www.zdnet.com/article/ukraine-arrests-gang-who-ran-20-crypto-exchanges-and-laundered-money-for-ransomware-gangs/ Gang is believed to have laundered more than $42 million in criminal proceeds.

Please stop hard-wiring AWS credentials in your code. Looking at you, uni COVID-19 track-and-test app makers

www.theregister.com/2020/08/17/albion_college_coronavirus_tracking_app/ Albion College has a plan for students to return safely to campus this fall amid the COVID-19 coronavirus pandemic. It involves being tracked by an app that, at least until a few days ago, appears to have been insecure.

Large Orgs Plagued with Bugs, Face Giant Patch Backlogs

threatpost.com/large-orgs-plagued-bugs-patch-backlogs/158433/ Vulnerability management continues to challenge businesses, as they face tens of thousands of bugs with every scan.

How cybercriminals victimize WoW players

www.kaspersky.com/blog/wow-phishing/36752/ How attackers hunt for Battle.net accounts in World of Warcraft, aiming to get valuable content.

Tämä tietoturvatiimien sokea piste kasvaa koronan myötä

www.tivi.fi/uutiset/tv/94f4b44d-231e-4182-94bf-96d676d83a4f Yrityksillä ei ole keinoja sanella sitä, millaisia iot-laitteita etätyötä tekevät kotiverkoissaan käyttävät. It-osastoilla on aika vähän vaihtoehtoja suojata firmojen tärkeää dataomaisuutta.

You might be interested in …

Daily NCSC-FI news followup 2019-11-07

Microsoft crams Office 365 docs into Edge-style sandboxes to thwart malware infections www.theregister.co.uk/2019/11/07/ignite_2019_security/ Your guide to some of the security enhancements announced this week. Office 365 will be getting additional security protections through Application Guard, the sandboxing tool Microsoft debuted with its Edge browser. The idea is that Application Guard will isolate documents, preventing malicious […]

Read More

Daily NCSC-FI news followup 2021-05-20

China could soon have stronger privacy laws than the U.S. www.protocol.com/china/china-privacy-laws-surpass-usa In late April, China unveiled the second draft of the country’s privacy law, the Personal Information Protection Law, for public comment. The law is expected to pass by the end of the year, and would shield Chinese internet users from excessive data collection and […]

Read More

Daily NCSC-FI news followup 2020-06-09

CallStranger UPnP bug allows data theft, DDoS attacks, LAN scans www.bleepingcomputer.com/news/security/callstranger-upnp-bug-allows-data-theft-ddos-attacks-lan-scans/ A vulnerability in the Universal Plug and Play protocol implemented in billions of devices can be exploited to exfiltrate data, turn them into bots for distributed denial-of-service attacks (DDoS), and scan internal networks. US energy providers hit with new malware in targeted attacks www.bleepingcomputer.com/news/security/us-energy-providers-hit-with-new-malware-in-targeted-attacks/ […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.