Daily NCSC-FI news followup 2020-09-10

Authority warns of scam message: watch out for this email

www.is.fi/digitoday/tietoturva/art-2000006630773.html Phishing for Apple ID credentials is currently active. According to the scam message, the recipient's Apple ID has been used without authorization elsewhere to sign in to Apple's iCloud service. This is claimed to have happened from Moscow. The message includes a fabricated IP address as well as a date and time. These may vary from one message to another. See also our tweet: https://twitter.com/CERTFI/status/1303604786361774080

Ransomware accounted for 41% of all cyber insurance claims in H1 2020

www.zdnet.com/article/ransomware-accounts-to-41-of-all-cyber-insurance-claims/ Cyber insurance claims ranged in size from $1,000 to well over $2,000,000 per security incident. Ransomware incidents have accounted for 41% of cyber insurance claims filed in the first half of 2020, according to a report published today by Coalition, one of the largest providers of cyber insurance services in North America. “In the first half of 2020 alone, we observed a 260% increase in the frequency of ransomware attacks amongst our policyholders, with the average ransom demand increasing 47%,” the company added.

Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom

www.bleepingcomputer.com/news/security/equinix-data-center-giant-hit-by-netwalker-ransomware-45m-ransom/ Data center and colocation giant Equinix has been hit with a Netwalker ransomware attack where threat actors are demanding $4.5 million for a decryptor and to prevent the release of stolen data. Equinix is a massive data center and colocation provider with over 50 locations worldwide. Customers use these data centers to colocate their equipment or to interconnect with other ISPs and network providers.

Zeppelin Ransomware Returns with New Trojan on Board

threatpost.com/zeppelin-ransomware-returns-trojan/159092/ The malware has popped up in a targeted campaign and a new infection routine. The Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. Zeppelin is a variant of the Delphi-based ransomware-as-a-service (RaaS) family initially known as Vega or VegaLocker, which emerged at the beginning of 2019. Unlike its predecessor, Zeppelin is much more targeted, and first took aim at targeted tech and healthcare companies in Europe and the U.S.

ProLock ransomware increases payment demand and victim count

www.bleepingcomputer.com/news/security/prolock-ransomware-increases-payment-demand-and-victim-count/ Using standard tactics, the operators of ProLock ransomware were able to deploy a large number of attacks over the past six months, averaging close to one target every day. A fresh start in March under the ProLock label also meant increased activity and larger ransoms. Since then, the average figure swelled to $1.8 million, indicates incident response data from cybersecurity company Group-IB.

BLURtooth vulnerability lets attackers defeat Bluetooth encryption

www.bleepingcomputer.com/news/security/blurtooth-vulnerability-lets-attackers-defeat-bluetooth-encryption/ BLURtooth is also suitable for man-in-the-middle (MitM) attacks, with the attacker sitting between two vulnerable devices that had been linked using authenticated pairing.

Knowing The Cyber Landscape: Five Ways CFOs Can Quantify And Articulate Data Security And Privacy

www.forbes.com/sites/jimdeloach/2020/09/08/knowing-the-cyber-landscape-five-ways-cfos-can-quantify-and-articulate-data-security-and-privacy/

Microsoft to finally kill Adobe Flash support by January 2021

www.bleepingcomputer.com/news/microsoft/microsoft-to-finally-kill-adobe-flash-support-by-january-2021/
