Daily NCSC-FI news followup 2020-09-17

Ransomware attack at German hospital leads to death of patient

www.bleepingcomputer.com/news/security/ransomware-attack-at-german-hospital-leads-to-death-of-patient/ A person in a life-threatening condition passed away after being forced to go to a more distant hospital due to a ransomware attack.

www.is.fi/digitoday/tietoturva/art-2000006638568.html Postin nimissä lähetettäviä huijaustekstiviestejä tulee suomalaisille hyvin aktiivisesti. Ilta-Sanomat Digitoday on saanut useita ilmoituksia viime viikonloppuna ja tällä viikolla lähetetyistä viesteistä.

Zerologon hacking Windows servers with a bunch of zeros

nakedsecurity.sophos.com/2020/09/17/zerologon-hacking-windows-servers-with-a-bunch-of-zeros/ The big, bad bug of the week is called Zerologon.. As you can probably tell from the name, it involves Windows everyone else talks about logging in, but on Windows youve always very definitely logged on and it is an authentication bypass, because it lets you get away with using a zero-length password.

Emotet strikes Quebecs Department of Justice: An ESET Analysis

www.welivesecurity.com/2020/09/16/emotet-quebec-department-justice-eset/ The cyber attack affects 14 inboxes belonging to the Department of Justice was confirmed by ESET researchers.

Ransomware warning: Hackers are launching fresh attacks against universities

www.zdnet.com/article/ransomware-warning-hackers-are-launching-fresh-attacks-against-universities/ Cybersecurity agency warns about a spike in ransomware attacks targeting universities and colleges.

Maze ransomware now encrypts via virtual machines to evade detection

www.bleepingcomputer.com/news/security/maze-ransomware-now-encrypts-via-virtual-machines-to-evade-detection/ The Maze ransomware operators have adopted a tactic previously used by the Ragnar Locker gang; to encrypt a computer from within a virtual machine.

A New Botnet Attack Just Mozied Into Town

securityintelligence.com/posts/botnet-attack-mozi-mozied-into-town/ A relatively new player in the threat arena, the Mozi botnet, has spiked among Internet of things (IoT) devices, IBM X-Force has discovered.

Two Russians Charged in $17M Cryptocurrency Phishing Spree

krebsonsecurity.com/2020/09/two-russians-charged-in-17m-cryptocurrency-phishing-spree/ U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.

Daily NCSC-FI news followup 2019-11-15

Clampdown on US border device searches not such a big deal www.zdnet.com/article/clampdown-on-us-border-device-searches-not-such-a-big-deal/#ftag=RSSbaffb68 Alasaad v. Mcaleenan acknowledges the intrusiveness of digital searches, but it’s only about “contraband” and falls short of requiring a warrant. It’s time for SCOTUS and Congress to dig deeper, say experts. New Emotet Report Details Threats From One of the Worlds Most […]

Daily NCSC-FI news followup 2020-04-03

A hacker has wiped, defaced more than 15,000 Elasticsearch servers www.zdnet.com/article/a-hacker-has-wiped-defaced-more-than-15000-elasticsearch-servers/ For the past two weeks, a hacker has been breaking into Elasticsearch servers that have been left open on the internet without a password and attempting to wipe their content, while also leaving the name of a cyber-security firm behind, trying to divert blame. […]

Daily NCSC-FI news followup 2019-08-07

SWAPGS Vulnerability in Modern CPUs Fixed in Windows, Linux, ChromeOS www.bleepingcomputer.com/news/security/swapgs-vulnerability-in-modern-cpus-fixed-in-windows-linux-chromeos/ At BlackHat today, Bitdefender disclosed a new variant of the Spectre 1 speculative execution side channel vulnerabilities that could allow a malicious program to access and read the contents of privileged memory in an operating system.. In a statement from Intel, BleepingComputer was told […]