Daily NCSC-FI news followup 2020-09-10

Viranomainen varoittaa huijausviestistä – varo tätä sähköpostia

www.is.fi/digitoday/tietoturva/art-2000006630773.html Apple ID -tunnusten kalastelu on nyt aktiivista. Huijauksen mukaan vastaanottajan Apple ID:tä olisi käytetty luvattomasti muualla Applen iCloud-palveluun kirjautumiseksi. Tämän väitetään tapahtuneen Moskovasta käsin. Mukana on keinotekoinen ip-osoite sekä päivämäärä ja kellonaika. Ne saattavat vaihdella viestistä toiseen. Katso myös meidän twiitti: https://twitter.com/CERTFI/status/1303604786361774080

Ransomware accounted for 41% of all cyber insurance claims in H1 2020

www.zdnet.com/article/ransomware-accounts-to-41-of-all-cyber-insurance-claims/ Cyber insurance claims ranged in size from $1, 000 to well over $2, 000, 000 per security incident. Ransomware incidents have accounted for 41% of cyber insurance claims filed in the first half of 2020, according to a report published today by Coalition, one of the largest providers of cyber insurance services in North America. “In the first half of 2020 alone, we observed a 260% increase in the frequency of ransomware attacks amongst our policyholders, with the average ransom demand increasing 47%, ” the company added.

Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom

www.bleepingcomputer.com/news/security/equinix-data-center-giant-hit-by-netwalker-ransomware-45m-ransom/ Data center and colocation giant Equinix has been hit with a Netwalker ransomware attack where threat actors are demanding $4.5 million for a decryptor and to prevent the release of stolen data. Equinix is a massive data center and colocation provider with over 50 locations worldwide. Customers use these data centers to colocate their equipment or to interconnect with other ISPs and network providers.

Zeppelin Ransomware Returns with New Trojan on Board

threatpost.com/zeppelin-ransomware-returns-trojan/159092/ The malware has popped up in a targeted campaign and a new infection routine. The Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. Zeppelin is a variant of the Delphi-based ransomware-as-a-service (RaaS) family initially known as Vega or VegaLocker, which emerged at the beginning of 2019. Unlike its predecessor, Zeppelin is much more targeted, and first took aim at targeted tech and healthcare companies in Europe and the U.S.

ProLock ransomware increases payment demand and victim count

www.bleepingcomputer.com/news/security/prolock-ransomware-increases-payment-demand-and-victim-count/ Using standard tactics, the operators of ProLock ransomware were able to deploy a large number of attacks over the past six months, averaging close to one target every day. A fresh start in March under the ProLock label also meant increased activity and larger ransoms. Since then, the average figure swelled to $1.8 million, indicates incident response data from cybersecurity company Group-IB.

BLURtooth vulnerability lets attackers defeat Bluetooth encryption

www.bleepingcomputer.com/news/security/blurtooth-vulnerability-lets-attackers-defeat-bluetooth-encryption/ BLURtooth is also suitable for man-in-the-middle (MitM) type of attacks, with the attacker sits between two vulnerable devices that had been linked using authenticated pairing.

Knowing The Cyber Landscape: Five Ways CFOs Can Quantify And Articulate Data Security And Privacy

www.forbes.com/sites/jimdeloach/2020/09/08/knowing-the-cyber-landscape-five-ways-cfos-can-quantify-and-articulate-data-security-and-privacy/

Microsoft to finally kill Adobe Flash support by January 2021

www.bleepingcomputer.com/news/microsoft/microsoft-to-finally-kill-adobe-flash-support-by-january-2021/

You might be interested in …

Daily NCSC-FI news followup 2019-07-23

4 Practical Steps for Shift Left Security blog.paloaltonetworks.com/2019/07/4-practical-steps-shift-left-security/ Since the beginning of modern computing, security has largely been divorced from software development. Recent vulnerability research confirms this. Consider that over the past five years, out of all published vulnerabilities, 76% were from applications. Given this radical shift in attacker focus, its time to embed security […]

Read More

Daily NCSC-FI news followup 2020-06-16

T-Mobile confirms nationwide outage impacting millions of customers abc13.com/tmobile-outage-is-out-t-mobile-down/6248980/ T-Mobile customers are dealing with a nationwide outage of its voice and data network. The phone carrier’s president of technology, Neville Ray, confirmed the outage Monday afternoon. “Our engineers are working to resolve a voice and data issue that has been affecting customers around the country. […]

Read More

Daily NCSC-FI news followup 2019-10-11

Hakkeriryhmä testasi Jyväskylän yliopiston tietoturvaa www.jyu.fi/fi/ajankohtaista/arkisto/2019/10/hakkeriryhma-testasi-jyvaskylan-yliopiston-tietoturvaa Useiden Jyväskylän yliopiston tietojärjestelmien tietoturvaa testattiin syyskuussa normaalista poikkeavalla tavalla, kun valkohattuhakkeriryhmä Team ROT etsi niistä tietoturvaongelmia toteuttamassaan tietoturvatestauksessa.. Tietoturvatestaus toteutettiin viikonlopun aikana niin, että se haittasi mahdollisimman vähän yliopiston normaalia toimintaa. Testaajilla ei ollut fyysistä pääsyä yliopiston järjestelmiin, vaan yhteys niihin muodostettiin etäältä avoimen verkon kautta juuri niin […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.