Daily NCSC-FI news followup 2020-09-16

Data leak: 799 Finns are on a Chinese company's surveillance list, including politicians and people close to them. See how the Finns have been categorized

yle.fi/uutiset/3-11544521 An exceptional data leak reveals what kinds of influential Finns are of interest to China.

Long-lasting autumn storm worries power companies: “Many times the usual number of workers are on standby”

yle.fi/uutiset/3-11547019 Power companies operating in Central Ostrobothnia have clearly stepped up their preparedness for a strong and exceptionally long-lasting autumn storm.

More and more people are worried about information security threats targeting those close to them

www.epressi.com/tiedotteet/teknologia/yha-useampi-on-huolissaan-lahipiiriinsa-kohdistuvista-tietoturvauhkista.html According to a consumer survey commissioned in late spring by the Finnish Transport and Communications Agency Traficom, considerably more Finns than before perceive information security threats as significant. However, people do not feel that their ability to protect themselves against these threats has improved to the same degree. At the same time, internet-connected smart devices have become more common in homes.

Billions of devices vulnerable to new ‘BLESA’ Bluetooth security flaw

www.zdnet.com/article/billions-of-devices-vulnerable-to-new-blesa-bluetooth-security-flaw/ New BLESA attack goes after the often ignored Bluetooth reconnection process, unlike previous vulnerabilities, most found in the pairing operation.

DDoS Attacks Skyrocket as Pandemic Bites

threatpost.com/ddos-attacks-skyrocket-pandemic/159301/ More people being online during lockdowns and work-from-home shifts has proven to be lucrative for DDoS-ers.

US charges two hackers for defacing US websites following Soleimani killing

www.zdnet.com/article/us-charges-two-hackers-for-defacing-us-websites-following-soleimani-killing/ US authorities have tracked down the two hackers behind a January 2020 mass-defacement campaign.

FBI adds 5 Chinese APT41 hackers to its Cyber’s Most Wanted List

thehackernews.com/2020/09/apt41-hackers-wanted-by-fbi.html The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking more than 100 companies throughout the world.

Koronavilkku has over two million downloads, 218 have reported an infection

www.is.fi/digitoday/mobiili/art-2000006637535.html Infections have been reported in Koronavilkku in the same proportion as the app has been adopted.

LockBit ransomware launches data leak site to double-extort victims

www.bleepingcomputer.com/news/security/lockbit-ransomware-launches-data-leak-site-to-double-extort-victims/ The LockBit ransomware gang has launched a new data leak site to be used as part of their double extortion strategy to scare victims into paying a ransom.

Payments stopped, three arrested in medical supplies fraud case

www.interpol.int/en/News-and-Events/News/2020/Payments-stopped-three-arrested-in-medical-supplies-fraud-case Three members of an international crime syndicate wanted for tricking an Italian company into making fraudulent payments for non-existent medical equipment were arrested in Indonesia, in a case supported by INTERPOL.

Cerberus banking Trojan source code released for free to cyberattackers

www.zdnet.com/article/cerberus-banking-trojan-source-code-released-for-free-to-cyberattackers/ An auction designed to net the developer of the Android malware $100,000 failed.

Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale

www.microsoft.com/security/blog/2020/09/15/microsoft-onefuzz-framework-open-source-developer-tool-fix-bugs/ Today, we're excited to release this new tool called Project OneFuzz, an extensible fuzz testing framework for Azure. Available through GitHub as an open-source tool, the testing framework used by Microsoft Edge, Windows, and teams across Microsoft is now available to developers around the world.

This security awareness training email is actually a phishing scam

www.bleepingcomputer.com/news/security/this-security-awareness-training-email-is-actually-a-phishing-scam/ A creative phishing campaign uses an email template that pretends to be a reminder to complete security awareness training from a well-known security company.

Worried about bootkits, rootkits, UEFI nasties? Have you tried turning on Secure Boot, asks the No Sh*! Agency

www.theregister.com/2020/09/16/nsa_secureboot_guide/ The NSA has published online a guide for IT admins to keep systems free of bootkits and rootkits. See also:

media.defense.gov/2020/Sep/15/2002497594/-1/-1/0/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF

Improved malware protection for users in the Advanced Protection Program

security.googleblog.com/2020/09/improved-malware-protection-for-users.html Google's Advanced Protection Program helps secure people at higher risk of targeted online attacks, like journalists, political organizations, and activists, with a set of constantly evolving safeguards that reflect today's threat landscape.
