Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2020-09-05

Suomi ennakoi 5g:n tuomia riskejä – Supo mukana arvioimassa laitteita

www.kauppalehti.fi/uutiset/suomi-ennakoi-5gn-tuomia-riskeja-supo-mukana-arvioimassa-laitteita/15541875-2408-4a72-9f79-7e8f1922ef38 Tuleva lakimuutos mahdollistaa verkoista kansallisesti vaaralliseksi arvioitavien verkkolaitteiden poistamisen. “Tämä on osittain liitoksissa 5g-turvallisuuteen, mutta laissa ei ole tarkoituksena millään tavalla jonkin verkkolaitevalmistajan säänteleminen tai markkinoilta poistaminen. Laki lähtee aivan neutraalista näkökulmasta”, johtaja Jukka-Pekka Juutinen Traficomista kertoo.

Australian Cyber Security Centre (ACSC) releases cyber report 2019-2020

www.cyber.gov.au/acsc/view-all-content/news/new-acsc-report-details-cyber-threats-across-australia The inaugural ACSC Annual Cyber Threat Report: July 2019 to June 2020 has been developed with our law enforcement partners, the Australian Federal Police and the Australian Criminal Intelligence Commission, to provide important information about emerging cyber security and cybercrime threats impacting different sectors of the Australian economy.

ACSC has also developed information to help the community buy and use internet-connected devices securely – such as smart fridges, smart televisions, baby monitors and security cameras

www.cyber.gov.au/acsc/view-all-content/news/advice-users-and-manufacturers-internet-things-devices The Australian Government has released a voluntary Code of Practice to improve the security of the Internet of Things (IoT) in Australia – including everyday devices such as smart fridges, smart televisions, baby monitors and security cameras.

FBI issues second alert about ProLock ransomware stealing data

www.bleepingcomputer.com/news/security/fbi-issues-second-alert-about-prolock-ransomware-stealing-data/ The boost in activity was most likely caused by partnering with the QakBot banking trojan gang which made it a lot easier to gain access to new victims’ networks.

White House publishes a cyber-security rulebook for space systems

www.zdnet.com/article/white-house-publishes-a-cyber-security-rulebook-for-space-systems/ The new rules, detailed in Space Policy Directive-5 (SPD-5), are meant to establish a cybersecurity baseline for all space-bound craft, systems, networks, and communications channels built and operated by US government agencies and commercial space entities. “Examples of malicious cyber activities harmful to space operations include spoofing sensor data; corrupting sensor systems; jamming or sending unauthorized commands for guidance and control; injecting malicious code; and conducting denial-of-service attacks, ” said officials.

Researchers find a way to spot security fixes from Linux kernel with data mining

www.theregister.com/2020/09/04/linux_kernel_flaws/ Researchers affiliated with BMW, Siemens, and two German universities have found that they can detect Linux kernel security fixes before they get released, insight that could allow miscreants to develop and deploy exploit code for which there’s no defense. In an ArXiv-distributed paper titled, “The Sound of Silence: Mining Security Vulnerabilities from Secret Integration Channels in Open-Source Projects, ” researchers outline a data mining scheme that amounts to a side channel attack on the open source vulnerability disclosure process. PDF: arxiv.org/pdf/2009.01694.pdf

Cybersecurity – the new dimension of automotive quality

www.kaspersky.com/blog/cybersecurity-automotive/36924/ Modern computerized car require a secure-by-design platform. And that’s just what we’ve come up with. A car today is basically a specialized computer – a ‘cyber-brain’, controlling the mechanics-and-electrics we traditionally associate with the word ‘car’ – – the engine, the brakes, the turn indicators, the windscreen wipers, the air conditioner, and in fact everything else.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.