Daily NCSC-FI news followup 2020-09-21

JAMK kartoitti kyberharjoitusympäristöjä: Euroopassa tietoverkkohyökkäyksiä vastaan harjoitellaan aktiivisesti

www.epressi.com/tiedotteet/tietoturva/jamk-kartoitti-kyberharjoitusymparistoja-euroopassa-tietoverkkohyokkayksia-vastaan-harjoitellaan-aktiivisesti.html Jyväskylän ammattikorkeakoulussa (JAMK) on selvitetty eurooppalaisia kyberturvallisuusympäristöjä ja niiden ominaisuuksia. Laaja selvitys on Euroopassa ensimmäinen laatuaan. Raportoituja eurooppalaisia kyberturvallisuusharjoitusympäristöjä (cyber range) löytyi selvityksessä kolmekymmentäyhdeksän. Suomalaisia harjoitusympäristöjä raportointiin maakohtaisesti eniten, yhteensä seitsemän.

Slightly broken overlay phishing

isc.sans.edu/forums/diary/Slightly+broken+overlay+phishing/26586/ At the Internet Storm Center, we often receive examples of interesting phishing e-mails from our readers. Of course, this is not the only source of interesting malicious messages in our inboxes sometimes the phishing authors cut out the middleman and send their creations directly to us. Last week, this was the case with a slightly unusual (and slightly broken) phishing, which tries to use legitimate pages overlaid with a fake login prompt.

The ransomware crisis is getting worse. We need to make these four big changes

www.zdnet.com/article/the-ransomware-crisis-is-getting-worse-we-need-to-make-these-four-big-changes/ The cruel march of ransomware has apparently reached a grim new milestone. In Germany, authorities are investigating the death of a patient during a ransomware attack on a hospital; according to reports, the woman, who needed urgent medical care, died after being re-routed to a hospital further away, as a nearer hospital was in the midst of dealing with a ransomware attack. Elsewhere ransomware continues to create painful, if less tragic, disruptions. The UK’s cybersecurity agency has just warned that ransomware groups are launching ‘reprehensible’ attacks against universities as the new academic year starts.

Threat Landscape Trends: Endpoint Security, Part 1

blogs.cisco.com/security/threat-landscape-trends-endpoint-security In the ongoing battle to defend your organization, deciding where to dedicate resources is vital. To do so efficiently, you need to have a solid understanding of your local network topology, cloud implementations, software and hardware assets, and the security policies in place. On top of that, you need to have an understanding of whats traveling through and residing in your environment, and how to respond when something is found that shouldnt be there.

NSA:n työkalu epäilytti tietoturvaosaajia CUJOn suomalaistiimi huomasi ottaa sen avukseen

www.tivi.fi/uutiset/nsan-tyokalu-epailytti-tietoturvaosaajia-cujon-suomalaistiimi-huomasi-ottaa-sen-avukseen/da6f0aee-3d97-4b3d-9ccd-bea94506236c Go-kielestä on tullut nopeasti haittaohjelmanikkarien uusi suosikki. CUJO AI:n Suomessa toimiva laboratorio on huomannut tämän iot-laitteiden kohdalla. Tietoturvayhtiö CUJO AI:n tietoturvalaboratoriosta vastaavan johtajan Kimmo Kasslinin mukaan go:n suosio johtuu pääosin iot-laitteiden bottiverkkojen yleistymisestä.

Strava app shows your info to nearby users unless this setting is disabled

www.bleepingcomputer.com/news/security/strava-app-shows-your-info-to-nearby-users-unless-this-setting-is-disabled/ Popular running and cycling app Strava can expose your information to nearby strangers, which has sparked privacy concerns among its users. After learning of this information sharing feature, some fear this functionality can be abused for stalking and “predatory” motives. Previously, Strava had published heatmaps generated from 13 trillion GPS coordinates from joggers’ data, which inadvertently exposed the locations of military bases around the world, including those in the U.S.

Activision Accounts Hacked? 500,000 Call Of Duty Players Could Be AffectedReport

www.forbes.com/sites/daveywinder/2020/09/21/activision-accounts-hacked-500000-call-of-duty-players-could-be-affected-report/ According to reports, more than 500,000 Activision accounts may have been hacked with login data being compromised. The eSports site Dexerto has reported that a data breach occurred on Sunday, September 20. The credentials to access these accounts are, Dexerto said, being leaked publicly, and account details changed to prevent easy recovery by the rightful owners. Activision accounts are mostly used by players of the hugely popular Call of Duty franchise.

What to Expect When Reporting Vulnerabilities to Microsoft

msrc-blog.microsoft.com/2020/09/21/what-to-expect-when-reporting-vulnerabilities-to-microsoft/ At the Microsoft Security Response Centers (MSRC), our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to discover security vulnerabilities in our services and products, and then making sure those that pose a threat to customers get fixed. Many researchers report these types of issues to many different companies, and how these companies manage their process for receiving, assessing, and fixing these can vary considerably. So, we would like to let you know what you can do to help speed your submission through our process when reporting security vulnerabilities to Microsoft, and what to expect afterwards.

You might be interested in …

Daily NCSC-FI news followup 2019-08-28

Avast and French police take over malware botnet and disinfect 850,000 computers decoded.avast.io/janvojtesek/putting-an-end-to-retadup-a-malicious-worm-that-infected-hundreds-of-thousands/ Cybercrime: Ransomware attacks have more than doubled this year www.zdnet.com/article/cyber-crime-ransomware-attacks-have-more-than-doubled-this-year/ TrickBot Modifications Target U.S. Mobile Users www.secureworks.com/blog/trickbot-modifications-target-us-mobile-users TrickBot added functionality to solicit PIN codes from mobile customers, which could allow threat actors to access victims voice and text communications. WootCloud Discovers ARES […]

Read More

Daily NCSC-FI news followup 2020-12-22

Kyberturvallisuuskeskuksen uusi julkaisu: Opas tietomurtojen havaitsemiseen www.kyberturvallisuuskeskus.fi/fi/julkaisut/opas-tietomurtojen-havaitsemiseen Tässä ohjeessa keskitytään erityisesti tietomurron havaitsemiseen lokitietojen avulla. Esimerkkeinä käytetään Windows Event Log – -­tapahtumalokeja tai muita Windows-­käyttöjärjestelmän lokitapahtumia. Valittuja esimerkkitapahtumia on havaittu tutkituissa tietomurroista tunkeutujien jäljiltä. PDF: www.kyberturvallisuuskeskus.fi/sites/default/files/media/file/Opas-tietomurtojen-havaitsemiseen.pdf SolarWinds hackers breached US Treasury officials’ email accounts www.bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/ US Senator Ron Wyden said that dozens of US Treasury […]

Read More

Daily NCSC-FI news followup 2019-12-19

How to keep spies off your phone in real life, not the movies www.kaspersky.com/blog/smartphone-spying-protection/31894/ In the new Terminator movie, Sarah Connor puts her phone inside an empty bag of chips to hide her movements from the bad guys. Our recent experiment showed that this method is actually workable (with some provisos): A couple of foil […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.