Johdon ohjaus on ratkaisevaa yrityksen kyberkestävyyden kannalta
www.huoltovarmuuskeskus.fi/johdon-ohjaus-on-ratkaisevaa-yrityksen-kyberkestavyyden-kannalta/ Johdon sitoutuminen ja ohjaus ratkaisevat yrityksen kyberkestävyyden ja sitä kautta liiketoiminnan jatkuvuuden. Suomessa finanssiala on pisimmällä kyberturvallisuudessa, kertoo Huoltovarmuusorganisaation Digipoolin teettämä kartoitus
MosaicRegressor: Lurking in the Shadows of UEFI
securelist.com/mosaicregressor/98849/ UEFI (or Unified Extensible Firmware Interface) has become a prominent technology that is embedded within designated chips on modern day computer systems. Replacing the legacy BIOS, it is typically used to facilitate the machine’s boot sequence and load the operating system, while using a feature-rich environment to do so. Lisäksi:
threatpost.com/bootkit-malware-north-korea-diplomats/159846/. Lisäksi:
www.zdnet.com/article/chinese-hacker-group-spotted-using-a-uefi-bootkit-in-the-wild/. Lisäksi:
arstechnica.com/information-technology/2020/10/custom-made-uefi-bootkit-found-lurking-in-the-wild/. Lisäksi:
www.bleepingcomputer.com/news/security/mosaicregressor-second-ever-uefi-rootkit-found-in-the-wild/. Lisäksi: www.wired.com/story/hacking-team-uefi-tool-spyware/
Tenda Router Zero-Days Emerge in Spyware Botnet Campaign
threatpost.com/tenda-router-zero-days-spyware-botnet/159834/ A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.
Four npm packages found uploading user details on a GitHub page
www.zdnet.com/article/four-npm-packages-found-uploading-user-details-on-a-github-page/ Four JavaScript npm packages contained malicious code that collected user details and uploaded the information to a public GitHub page.
Crypto-mining worm adds Linux password stealing capability
www.bleepingcomputer.com/news/security/crypto-mining-worm-adds-linux-password-stealing-capability/ The TeamTNT cybercrime group has recently updated its crypto-mining worm with password-stealing capabilities and with an additional network scanner to make it easier to spread to other vulnerable devices.
Slack outage causes lag, message errors, blank screens worldwide
www.bleepingcomputer.com/news/technology/slack-outage-causes-lag-message-errors-blank-screens-worldwide/ Slack is experiencing a worldwide outage causing problems sending messages, editing messages, lag in chats, and channels displaying a blank screen. Lisäksi:
status.slack.com/2020-10/e8c094cc99aabf64
New ransomware vaccine kills programs wiping Windows shadow volumes
www.bleepingcomputer.com/news/security/new-ransomware-vaccine-kills-programs-wiping-windows-shadow-volumes/ A new ransomware vaccine program has been created that terminates processes that try to delete volume shadow copies using Microsoft’s vssadmin.exe program
Häiriö ohi: HUSin koronabotin kaatanut vika on saatu korjattua
yle.fi/uutiset/3-11579085 Koronabotti itsepalveluajanvarauksessa aamulla alkanut häiriö on saatu korjattua, HUS tiedottaa.
New Flaws in Top Antivirus Software Could Make Computers More Vulnerable
thehackernews.com/2020/10/antivirus-software-vulnerabilities.html Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems.
