Daily NCSC-FI news followup 2020-09-10

Authority warns of scam message: beware of this email

www.is.fi/digitoday/tietoturva/art-2000006630773.html Phishing for Apple ID credentials is currently active. According to the scam message, the recipient's Apple ID has been used without authorization elsewhere to sign in to Apple's iCloud service. This is claimed to have happened from Moscow. The message includes a fabricated IP address as well as a date and time. These may vary from one message to another. See also our tweet: https://twitter.com/CERTFI/status/1303604786361774080

Ransomware accounted for 41% of all cyber insurance claims in H1 2020

www.zdnet.com/article/ransomware-accounts-to-41-of-all-cyber-insurance-claims/ Cyber insurance claims ranged in size from $1,000 to well over $2,000,000 per security incident. Ransomware incidents have accounted for 41% of cyber insurance claims filed in the first half of 2020, according to a report published today by Coalition, one of the largest providers of cyber insurance services in North America. “In the first half of 2020 alone, we observed a 260% increase in the frequency of ransomware attacks amongst our policyholders, with the average ransom demand increasing 47%,” the company added.

Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom

www.bleepingcomputer.com/news/security/equinix-data-center-giant-hit-by-netwalker-ransomware-45m-ransom/ Data center and colocation giant Equinix has been hit with a Netwalker ransomware attack where threat actors are demanding $4.5 million for a decryptor and to prevent the release of stolen data. Equinix is a massive data center and colocation provider with over 50 locations worldwide. Customers use these data centers to colocate their equipment or to interconnect with other ISPs and network providers.

Zeppelin Ransomware Returns with New Trojan on Board

threatpost.com/zeppelin-ransomware-returns-trojan/159092/ The malware has popped up in a targeted campaign and a new infection routine. The Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. Zeppelin is a variant of the Delphi-based ransomware-as-a-service (RaaS) family initially known as Vega or VegaLocker, which emerged at the beginning of 2019. Unlike its predecessor, Zeppelin is much more targeted, and first took aim at targeted tech and healthcare companies in Europe and the U.S.

ProLock ransomware increases payment demand and victim count

www.bleepingcomputer.com/news/security/prolock-ransomware-increases-payment-demand-and-victim-count/ Using standard tactics, the operators of ProLock ransomware were able to deploy a large number of attacks over the past six months, averaging close to one target every day. A fresh start in March under the ProLock label also meant increased activity and larger ransoms. Since then, the average figure swelled to $1.8 million, indicates incident response data from cybersecurity company Group-IB.

BLURtooth vulnerability lets attackers defeat Bluetooth encryption

www.bleepingcomputer.com/news/security/blurtooth-vulnerability-lets-attackers-defeat-bluetooth-encryption/ BLURtooth is also suitable for man-in-the-middle (MitM) attacks, with the attacker sitting between two vulnerable devices that had been linked using authenticated pairing.

Knowing The Cyber Landscape: Five Ways CFOs Can Quantify And Articulate Data Security And Privacy

www.forbes.com/sites/jimdeloach/2020/09/08/knowing-the-cyber-landscape-five-ways-cfos-can-quantify-and-articulate-data-security-and-privacy/

Microsoft to finally kill Adobe Flash support by January 2021

www.bleepingcomputer.com/news/microsoft/microsoft-to-finally-kill-adobe-flash-support-by-january-2021/
