Emotet is back from its summer holiday and active again. How do you reduce the risk in your environment?
blog.f-secure.com/fi/emotet-palasi-kesalomalta-ja-on-jalleen-aktiivinen-miten-pienennat-riskia-ymparistossasi/ The Emotet malware has become active again after a quieter spring and summer. The trojan, which has been operating since 2014, has gone through intermittent pauses, but exceptionally strong activity is once again being observed. On 18.8.2020 the Kyberturvallisuuskeskus (Finland's National Cyber Security Centre) warned organizations about the malware's exceptionally active spread among Finnish organizations, and the threat is currently classified as serious.
Microsoft Issues Emergency Security Updates for Windows 8.1 and Server 2012 R2
thehackernews.com/2020/08/windows-update-download.html Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two new recently disclosed security vulnerabilities.
Google email problems mostly fixed
yle.fi/uutiset/3-11503340 Technology company Google's Gmail email service has experienced disruptions this morning.
Google fixes major Gmail bug seven hours after exploit details go public
www.zdnet.com/article/google-fixes-major-gmail-bug-seven-hours-after-exploit-details-go-public/ Attackers could have sent spoofed emails mimicking any Gmail or G Suite customer. see also
Yet another Microsoft scam: Helsinki man lost 100,000 euros
www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/taas_uusi_microsoft-huijaus_helsinkilaismiehelta_vietiin_100_000_euroa_92746 A hundred thousand euros was taken from a Helsinki man's bank account by means of a so-called Microsoft technical support scam. The man had received a phone call in which the caller claimed to be from Microsoft and said that the man's computer had been hacked. The man was asked to install TeamViewer, a program that enables remote access, to hand over his online banking credentials, and to show his driving licence.
Transparent Tribe: Evolution analysis, part 1
securelist.com/transparent-tribe-part-1/98127/ Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. Proofpoint published a very good article about them in 2016, and since that day, we have kept an eye on the group.
IBM AI-Powered Data Management Software Subject to Simple Exploit
threatpost.com/ibm-ai-powered-data-management-software-subject-exploit/158497/ A low-privileged process on a vulnerable machine could allow data harvesting and DoS.
Analyzing the Threat of Ransomware Attacks Against US Elections
www.recordedfuture.com/us-elections-ransomware-threats/ The threat of a ransomware attack against elections in the United States has been a growing concern within the government and the private sector. We already know that threat actors managed to infiltrate the networks of election offices in multiple states, and according to a Senate Intelligence Report, those same adversaries were targeting all 50 states. See full report:
go.recordedfuture.com/hubfs/reports/cta-2020-0820.pdf
Thanks for the memories… now pay up or else: Maze ransomware crew claims to have hacked SK hynix, leaks ‘5% of stolen files’
www.theregister.com/2020/08/20/maze_crew_sk_hynix/ The Maze hacker gang claims it has infected computer memory maker SK hynix with ransomware and leaked some of the files it stole.
Experian South Africa discloses data breach impacting 24 million customers
www.zdnet.com/article/experian-south-africa-discloses-data-breach-impacting-24-million-customers/ Experian said the attacker was identified and its data deleted from the fraudster’s devices.
Office 365 Mail Forwarding Rules (and other Mail Rules too)
isc.sans.edu/forums/diary/Office+365+Mail+Forwarding+Rules+and+other+Mail+Rules+too/26484/
Facebook tightens screws on QAnon and US militia groups
www.zdnet.com/article/facebook-tightens-screws-on-qanon-and-us-militia-groups/ Social network says it has booted 790 QAnon groups and 980 groups related to US militias, which Facebook said includes some antifa.
The impact of COVID-19 on healthcare cybersecurity
blog.malwarebytes.com/vital-infrastructure/2020/08/the-impact-of-covid-19-on-healthcare-cybersecurity/ As if stress levels in the healthcare industry weren't high enough due to the COVID-19 pandemic, risks to its already fragile cybersecurity infrastructure are at an all-time high. From increased cyberattacks to exacerbated vulnerabilities to costly human errors, if healthcare cybersecurity wasn't circling the drain before, COVID-19 sent it into a tailspin.
Abnormal's Q2 BEC Report Uncovers Ongoing, Accelerated Trends in Pandemic-related Email Security Attacks
20 percent of organizations experienced breach due to remote worker, Labs report reveals
How Unsecure gRPC Implementations Can Compromise APIs, Applications
Bug bounty platform ZDI awarded $25m to researchers over the past 15 years
www.zdnet.com/article/bug-bounty-platform-zdi-awarded-25m-to-researchers-over-the-past-15-years/ Bug bounty platform pioneer Zero-Day Initiative (ZDI) is celebrating its 15th birthday this year.