Daily NCSC-FI news followup 2020-09-09

Netwalker ransomware hits Pakistan’s largest private power utility

www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/ K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. In a Tor payment page seen by BleepingComputer, the ransomware operators demand a $3, 850, 000 ransom payment. If a ransom is not paid within another seven days, the ransom will increase to $7.7 million.

August 2020’s Most Wanted Malware

blog.checkpoint.com/2020/09/09/august-2020s-most-wanted-malware-evolved-qbot-trojan-ranks-on-top-malware-list-for-first-time/ Top-3: Emotet, Agent Tesla, Formbook

Ransomware: Huge rise in attacks this year as cyber criminals hunt bigger pay days

www.zdnet.com/article/ransomware-huge-rise-in-attacks-this-year-as-cyber-criminals-hunt-bigger-pay-days/ Researchers warn of a seven-fold rise in ransomware attacks compared with last year alone – and attackers are continually evolving their tactics. “Looking into the evolution of last year’s ransomware families and how they’ve changed this year, most of them have actually gone down in numbers. This year’s popular ransomware families are not last year’s popular ransomware families, ” Liviu Arsene, global cybersecurity researcher at Bitdefender told ZDNet.

TeamTNT Gains Full Remote Takeover of Cloud Instances

threatpost.com/teamtnt-remote-takeover-cloud-instances/159075/ Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters.

Vulnerabilities in CodeMeter Licensing Product Expose ICS to Remote Attacks

www.securityweek.com/vulnerabilities-codemeter-licensing-product-expose-ics-remote-attacks CodeMeter can be used for a wide range of applications, but it’s often present in industrial products, including industrial PCs, IIoT devices, and controllers. Researchers at Claroty have discovered six vulnerabilities in CodeMeter, some of which could be exploited to launch attacks against industrial control systems (ICS), including to shut down devices or processes, deliver ransomware or other malware, or to execute further exploits.

Most cyber-security reports only focus on the cool threats

www.zdnet.com/article/most-cyber-security-reports-only-focus-on-the-cool-threats/ Academics: Only 82 of the 629 commercial cyber-security reports (13%) published in the last decade discuss a threat to civil society, with the rest focusing on cybercrime, nation-state hackers, economic espionage. In contrast, most of the reports produced by independent research centers were focused on the threats to civil society.

Phishing tricks – the Top Ten Treacheries of 2020

nakedsecurity.sophos.com/2020/09/04/phishing-tricks-the-top-ten-treacheries-of-2020/ Are business email users more likely to fall for sticks or carrots? For threats or free offers? For explicit instructions or helpful suggestions? For “you must” or “you might like”?. The answers covered a broad range of phishing themes, but had a common thread: not one of them was a threat.

You might be interested in …

Daily NCSC-FI news followup 2021-04-29

Prime targets: Governments shouldn’t go it alone on cybersecurity www.welivesecurity.com/2021/04/29/prime-targets-governments-shouldnt-go-it-alone-on-cybersecurity/ A year into the pandemic, ESET reveals new research into activities of the LuckyMouse APT group and considers how governments can rise to the cybersecurity challenges of the accelerated shift to digital “BadAlloc” Memory allocation vulnerabilities could affect wide range of IoT and OT devices […]

Read More

Daily NCSC-FI news followup 2021-03-25

Supon vuosikirja 2020: Terrorismin uhka-arviossa näkyy äärioikeiston muuttunut tilannekuva supo.fi/-/supon-vuosikirja-2020-terrorismin-uhka-arviossa-nakyy-aarioikeiston-muuttunut-tilannekuva Terrorismin uhka Suomessa on edelleen tasolla kaksi eli kohonnut. Suurin muutos on tapahtunut äärioikeistolaisen terrorismin tilannekuvassa. Koronapandemia vaikutti kybervakoilun kasvuun. Suojelupoliisi havaitsi poikkeuksellisen intensiivisiä valtiollisia kybervakoiluyrityksiä, jotka kohdistuivat Suomen ulko- ja turvallisuuspoliittisen päätöksenteon valmisteluun. Cybersecurity: Council adopts conclusions on the EU’s cybersecurity strategy www.consilium.europa.eu/en/press/press-releases/2021/03/22/cybersecurity-council-adopts-conclusions-on-the-eu-s-cybersecurity-strategy/ The […]

Read More

Daily NCSC-FI news followup 2021-06-01

Ruotsi ja Norja vaativat Tanskalta selvitystä vakoiluväitteistä yle.fi/uutiset/3-11955732 Mediatietojen mukaan Tanskan puolustusministeri olisi tiennyt jo viime elokuussa, että Yhdysvaltain Kansallisen turvallisuuden virasto NSA on vakoillut Tanskan kautta useiden liittolaismaiden poliitikkoja ja virkamiehiä. Ruotsin ja Norjan puolustusministerit vaativat Tanskalta selvitystä mediatiedoista, joiden mukaan Yhdysvallat olisi vakoillut Tanskan kautta niiden poliitikkoja ja virkamiehiä, kertoo muun muassa Tanskan […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.