Daily NCSC-FI news followup 2020-10-03

Kyberturvallisuuden superkuukausi on täällä taas!

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kyberturvallisuuden-superkuukausi-taalla-taas Lokakuussa kyberturvallisuus saa siivet, kun Euroopan kyberturvallisuuskuukausi, European Cyber Security Month taas alkaa. Eurooppalainen kyberin yhteisponnistus näkyy ja kuuluu verkkosivuillamme ja somekanavissamme. Kampanja on tarkoitettu meille kaikille. Laitetaan yhdessä kyberturvallisuuden perustaidot kuntoon!

CERT-SE Challenge 2020 – Will you accept our challenge?

cert.se/2020/09/cert-se-challenge-2020 CERT-SE kicks the cybersecurity month off with a challenge aimed to everyone with a cybersecurity interest.

Microsoft Says Russia Behind Most Nation-State Cyber-Attacks

www.bloomberg.com/news/articles/2020-09-29/microsoft-says-russia-behind-most-nation-state-hacking-attempts Russia-based hackers are responsible for the majority of nation-state attacks on Microsoft customers, according to new data from company.

Egregor Ransomware Threatens Mass-Media’ Release of Corporate Data

threatpost.com/egregor-ransomware-mass-media-corporate-data/159816/ A freshly discovered family of ransomware called Egregor has been spotted in the wild, using a tactic of siphoning off corporate information and threatening a “mass-media” release of it before encrypting all files.

How One Piece of Hardware Took Down a $6 Trillion Stock Market

www.bloomberg.com/news/articles/2020-10-02/how-one-piece-of-hardware-took-down-a-6-trillion-stock-market A data device critical to the Tokyo Stock Exchange’s trading system had malfunctioned, and the automatic backup had failed to kick in. It was less than an hour before the system, called Arrowhead, was due to start processing orders in the $6 trillion equity market. Exchange officials could see no solution.

Grindr fixed a bug allowing full takeover of any user account

www.bleepingcomputer.com/news/security/grindr-fixed-a-bug-allowing-full-takeover-of-any-user-account/ Grindr has fixed a security flaw that could have allowed attackers to easily hijack any Grindr account if they knew the user’s email address.

Google now discloses Android vulnerabilities for 3rd-party devices

www.bleepingcomputer.com/news/security/google-now-discloses-android-vulnerabilities-for-3rd-party-devices/ Google today announced the launch of a new program specifically designed to deal with security vulnerabilities the company finds in third-party Android devices and software serviced by Android OEMs.

Common Ways Attackers Are Stealing Credentials

www.wordfence.com/blog/2020/10/common-ways-attackers-are-stealing-credentials/ A few weeks ago, we reviewed some of the worst website hacks we’ve ever seen. Every one of them started with poor password choices and escalated into a disastrous event for the site owner. Strong passwords and good password hygiene are often the first line of defense.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.