Daily NCSC-FI news followup 2020-09-04

FBI: Thousands of orgs targeted by RDoS extortion campaign

www.bleepingcomputer.com/news/security/fbi-thousands-of-orgs-targeted-by-rdos-extortion-campaign/ The FBI recommended US companies that received such ransom notes from the criminal gang behind this ongoing RDoS campaign not to pay the criminals’ ransom.

Warner Music Group finds hackers compromised its online stores

www.bleepingcomputer.com/news/security/warner-music-group-finds-hackers-compromised-its-online-stores/ Warner Music Group (WMG), the third-largest global music recording company, has disclosed a data breach affecting customers’ personal and financial information after several of its US-based e-commerce stores were hacked in April 2020 in what looks like a Magecart attack.

Microsoft Defender can ironically be used to download malware

www.bleepingcomputer.com/news/microsoft/microsoft-defender-can-ironically-be-used-to-download-malware/ Legitimate operating system files that can be abused for malicious purposes are known as living-off-the-land binaries or LOLBINs. In a recent Microsoft Defender update, the command-line MpCmdRun.exe tool has been updated to include the ability to download files from a remote location, which could be abused by attackers.

Miami-Dade school district is targeted by 14 denial-of-service attacks in its first three days of virtual learning, leaving students and teachers unable to log in for classes

www.dailymail.co.uk/news/article-8690629/Miami-Dade-school-district-targeted-14-cyber-attacks-three-days-virtual-learning.html

Australia to embed intelligence officers within some private companies

uk.reuters.com/article/uk-australia-security/australia-to-embed-intelligence-officers-within-some-private-companies-cyber-chief-idUKKBN25S3TQ Citing estimates that cyber attacks on businesses and households are costing about A$29 billion (16.03 billion pounds) or 1.5% of the country’s Gross Domestic Product, Australia said last month it would spend A$1.66 billion over the next 10 years to strengthen companies’ cyber defences.

You might be interested in …

Daily NCSC-FI news followup 2021-03-13

Protecting on-premises Exchange Servers against recent attacks www.microsoft.com/security/blog/2021/03/12/protecting-on-premises-exchange-servers-against-recent-attacks/ For the past few weeks, Microsoft and others in the security industry have seen an increase in attacks against on-premises Exchange servers. The target of these attacks is a type of email server most often used by small and medium-sized businesses, although larger organizations with on-premises Exchange […]

Read More

Daily NCSC-FI news followup 2019-08-25

Kiristyshaittaohjelmat pistävät kaupunkien sisun koetukselle ympäri Amerikkaa www.nytimes.com/2019/08/22/us/ransomware-attacks-hacking.html Android 10 julkaisu tulee korjaamaan melkein kaksisataa tietoturvaongelmaa. www.forbes.com/sites/daveywinder/2019/08/23/android-10-google-confirms-193-security-vulnerabilities-need-fixing/ Hostinger: Jopa 14 miljoonaa asiakasta tietomurron uhrina. Salasanat vaihdettu turvatoimena. www.hostinger.com/blog/security-incident-what-you-need-to-know/ Webmin liittyy Pulse Securen ja Fortigaten joukkoon, kun rikolliset aktiivisesti yrittävät hyväksikäyttää viimeaikaisia tietoturvahaavoittuvuuksia. www.zdnet.com/article/hackers-mount-attacks-on-webmin-servers-pulse-secure-and-fortinet-vpns/ Tekninen analyysi APT34 (OilRig, CobaltGypsy) TwoFace webshell – -työkalusta. www.emanueledelucia.net/a-dive-into-apt34-aka-oilrig-aka-cobalt-gypsy-twoface-webshell/

Read More

Daily NCSC-FI news followup 2020-10-20

Ruotsi rajaa kiinalaisyhtiöiden tekniikan pois 5G-verkostaan turvallisuuspoliisin ja puolustusvoimien suosituksesta yle.fi/uutiset/3-11603515 Ruotsi on päättänyt estää Huawein ja ZTE:n tekniikan käyttämisen maan 5G-verkkoa rakennettaessa. Kyseessä ovat kiinalaiset yhtiöt.. katso myös www.is.fi/digitoday/mobiili/art-2000006675870.html NSA: Top 25 vulnerabilities actively abused by Chinese hackers www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/ The U.S. National Security Agency (NSA) warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.