Daily NCSC-FI news followup 2020-08-20

Emotet palasi kesälomalta ja on jälleen aktiivinen Miten pienennät riskiä ympäristössäsi?

blog.f-secure.com/fi/emotet-palasi-kesalomalta-ja-on-jalleen-aktiivinen-miten-pienennat-riskia-ymparistossasi/ Emotet-haittaohjelma on jälleen aktivoitunut rauhallisemman kevään ja kesän jälkeen. Vuodesta 2014 toiminut troijalainen on ollut vaihtelevasti tauolla, mutta jälleen on havaittavissa poikkeuksellisen voimakasta toimintaa.. Kyberturvallisuuskeskus varoitti 18.8.2020 organisaatioita haittaohjelman poikkeuksellisen aktiivisesta leviämisestä suomalaisten organisaatioiden keskuudessa ja uhka on luokiteltu tällä hetkellä vakavaksi

Microsoft Issues Emergency Security Updates for Windows 8.1 and Server 2012 R2

thehackernews.com/2020/08/windows-update-download.html Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two new recently disclosed security vulnerabilities.

Google-sähköpostin ongelmat pääosin korjattu

yle.fi/uutiset/3-11503340 Tietotekniikkayhtiö Googlen Gmail-sähköpostissa on ollut toimintahäiriöitä tämän aamupäivän aikana.

Google fixes major Gmail bug seven hours after exploit details go public

www.zdnet.com/article/google-fixes-major-gmail-bug-seven-hours-after-exploit-details-go-public/ Attackers could have sent spoofed emails mimicking any Gmail or G Suite customer.. see also


Taas uusi Microsoft-huijaus: Helsinkiläismieheltä vietiin 100 000 euroa

www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/taas_uusi_microsoft-huijaus_helsinkilaismiehelta_vietiin_100_000_euroa_92746 Helsinkiläisen miehen pankkitililtä vietiin satatuhatta euroa niin sanotun Microsoftin tekninen tuki -huijauksen avulla. Miehelle oli soitettu ja väitetty, että soittaja oli Microsoftilta ja että miehen tietokone olisi joutunut hakkeroinnin kohteeksi. Miestä pyydettiin asentamaan etäyhteyden mahdollistava ohjelma TeamViewer, antamaan nettipankkitunnukset sekä näyttämään ajokorttinsa.

Transparent Tribe: Evolution analysis, part 1

securelist.com/transparent-tribe-part-1/98127/ Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. Proofpoint published a very good article about them in 2016, and since that day, we have kept an eye on the group.

IBM AI-Powered Data Management Software Subject to Simple Exploit

threatpost.com/ibm-ai-powered-data-management-software-subject-exploit/158497/ A low-privileged process on a vulnerable machine could allow data harvesting and DoS.

Analyzing the Threat of Ransomware Attacks Against US Elections

www.recordedfuture.com/us-elections-ransomware-threats/ The threat of a ransomware attack against elections in the United States has been a growing concern within the government and the private sector. We already know that threat actors managed to infiltrate the networks of election offices in multiple states, and according to a Senate Intelligence Report, those same adversaries were targeting all 50 states.. see full report


Thanks for the memories… now pay up or else: Maze ransomware crew claims to have hacked SK hynix, leaks ‘5% of stolen files’

www.theregister.com/2020/08/20/maze_crew_sk_hynix/ The Maze hacker gang claims it has infected computer memory maker SK hynix with ransomware and leaked some of the files it stole.

Experian South Africa discloses data breach impacting 24 million customers

www.zdnet.com/article/experian-south-africa-discloses-data-breach-impacting-24-million-customers/ Experian said the attacker was identified and its data deleted from the fraudster’s devices.

Office 365 Mail Forwarding Rules (and other Mail Rules too)


Facebook tightens screws on QAnon and US militia groups

www.zdnet.com/article/facebook-tightens-screws-on-qanon-and-us-militia-groups/ Social network says it has booted 790 QAnon groups and 980 groups related to US militias, which Facebook said includes some antifa.

The impact of COVID-19 on healthcare cybersecurity

blog.malwarebytes.com/vital-infrastructure/2020/08/the-impact-of-covid-19-on-healthcare-cybersecurity/ As if stress levels in the healthcare industry werent high enough due to the COVID-19 pandemic, risks to its already fragile cybersecurity infrastructure are at an all-time high. From increased cyberattacks to exacerbated vulnerabilities to costly human errors, if healthcare cybersecurity wasnt circling the drain before, COVID-19 sent it into a tailspin.

Abnormals Q2 BEC Report Uncovers Ongoing, Accelerated Trends in Pandemic-related Email Security Attacks


20 percent of organizations experienced breach due to remote worker, Labs report reveals


How Unsecure gRPC Implementations Can Compromise APIs, Applications


Bug bounty platform ZDI awarded $25m to researchers over the past 15 years

www.zdnet.com/article/bug-bounty-platform-zdi-awarded-25m-to-researchers-over-the-past-15-years/ Bug bounty platform pioneer Zero-Day Initiative (ZDI) is celebrating its 15-year-old birthday this year.

You might be interested in …

Daily NCSC-FI news followup 2020-09-19

5 ways cybercriminals can try to extort you www.welivesecurity.com/2020/09/18/five-cybercriminals-extortion-schemes/ When it comes to coercing people into parting with their money, cybercriminals seem to have an endless bag of tricks to choose from. There are some tricks, that they favor more than others, one of which is extortion. According to the FBIs latest Internet Crime Report, […]

Read More

Daily NCSC-FI news followup 2020-02-11

Will an immobilizer save your car from being stolen? www.kaspersky.com/blog/36c3-immobilizers/32419/ Automobiles are getting ever smarter, and cracking them with a crowbar and a screwdriver is getting ever more difficult. Statistics back up that assumption: According to research from Jan C. van Ours and Ben Vollaard highlighting car theft and recovery data, vehicle theft decreased by […]

Read More

Daily NCSC-FI news followup 2021-01-21

Digitaalinen turvallisuus 2030 -ohjelma kehittää yhteiskunnan kyberhäiriöiden sietokykyä www.huoltovarmuuskeskus.fi/digitaalinen-turvallisuus-2030-ohjelma-kehittaa-yhteiskunnan-kyberhairioiden-sietokykya/ Huoltovarmuuskeskus käynnistää laajan ohjelmakokonaisuuden, jonka tarkoituksena on kehittää yhteiskunnan sietokykyä kyberhäiriöitä vastaan. Digitaalinen turvallisuus 2030 -ohjelman painopisteet ovat kyberhäiriöihin varautuminen, toimintakyky häiriöiden sattuessa, yhteistyö yhteiskunnan ja yritysmaailman eri toimijoiden välillä sekä tulevaisuuden ilmiöiden ennakointi. Ohjelma on osa Suomen kansallisen kyberturvallisuusstrategian toteutusta. Ransomware is now the biggest […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.