Daily NCSC-FI news followup 2020-10-03

Kyberturvallisuuden superkuukausi on täällä taas!

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kyberturvallisuuden-superkuukausi-taalla-taas Lokakuussa kyberturvallisuus saa siivet, kun Euroopan kyberturvallisuuskuukausi, European Cyber Security Month taas alkaa. Eurooppalainen kyberin yhteisponnistus näkyy ja kuuluu verkkosivuillamme ja somekanavissamme. Kampanja on tarkoitettu meille kaikille. Laitetaan yhdessä kyberturvallisuuden perustaidot kuntoon!

CERT-SE Challenge 2020 – Will you accept our challenge?

cert.se/2020/09/cert-se-challenge-2020 CERT-SE kicks the cybersecurity month off with a challenge aimed to everyone with a cybersecurity interest.

Microsoft Says Russia Behind Most Nation-State Cyber-Attacks

www.bloomberg.com/news/articles/2020-09-29/microsoft-says-russia-behind-most-nation-state-hacking-attempts Russia-based hackers are responsible for the majority of nation-state attacks on Microsoft customers, according to new data from company.

Egregor Ransomware Threatens Mass-Media’ Release of Corporate Data

threatpost.com/egregor-ransomware-mass-media-corporate-data/159816/ A freshly discovered family of ransomware called Egregor has been spotted in the wild, using a tactic of siphoning off corporate information and threatening a “mass-media” release of it before encrypting all files.

How One Piece of Hardware Took Down a $6 Trillion Stock Market

www.bloomberg.com/news/articles/2020-10-02/how-one-piece-of-hardware-took-down-a-6-trillion-stock-market A data device critical to the Tokyo Stock Exchange’s trading system had malfunctioned, and the automatic backup had failed to kick in. It was less than an hour before the system, called Arrowhead, was due to start processing orders in the $6 trillion equity market. Exchange officials could see no solution.

Grindr fixed a bug allowing full takeover of any user account

www.bleepingcomputer.com/news/security/grindr-fixed-a-bug-allowing-full-takeover-of-any-user-account/ Grindr has fixed a security flaw that could have allowed attackers to easily hijack any Grindr account if they knew the user’s email address.

Google now discloses Android vulnerabilities for 3rd-party devices

www.bleepingcomputer.com/news/security/google-now-discloses-android-vulnerabilities-for-3rd-party-devices/ Google today announced the launch of a new program specifically designed to deal with security vulnerabilities the company finds in third-party Android devices and software serviced by Android OEMs.

Common Ways Attackers Are Stealing Credentials

www.wordfence.com/blog/2020/10/common-ways-attackers-are-stealing-credentials/ A few weeks ago, we reviewed some of the worst website hacks we’ve ever seen. Every one of them started with poor password choices and escalated into a disastrous event for the site owner. Strong passwords and good password hygiene are often the first line of defense.

You might be interested in …

Daily NCSC-FI news followup 2019-06-23

U.S. Carried Out Cyberattacks on Iran www.nytimes.com/2019/06/22/us/politics/us-iran-cyber-attacks.html United States Cyber Command on Thursday conducted online attacks against an Iranian intelligence group that American officials believe helped plan the attacks against oil tankers in recent weeks, according to people briefed on the operation. The intrusion occurred the same day President Trump called off a strike on […]

Read More

Daily NCSC-FI news followup 2020-06-27

DarkCrewFriends Returns with Botnet Strategy threatpost.com/darkcrewfriends-returns-botnet/156963/ The botnet can be used to mount different kinds of attacks, including code-execution and DDoS. 8 U.S. City Websites Targeted in Magecart Attacks threatpost.com/8-city-gov-websites-magecart/156954/ Researchers believe that Click2Gov, municipal payment software, may be at the heart of this most recent government security incident. Admin of carding portal behind $568M […]

Read More

Daily NCSC-FI news followup 2020-01-14

Russians Hacked Ukrainian Gas Company at Center of Impeachment www.nytimes.com/2020/01/13/us/politics/russian-hackers-burisma-ukraine.html It is not yet clear what the hackers found, or precisely what they were searching for. But the experts say the timing and scale of the attacks suggest that the Russians could be searching for potentially embarrassing material on the Bidens the same kind of […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.