Daily NCSC-FI news followup 2020-10-05

Management guidance is decisive for a company's cyber resilience

www.huoltovarmuuskeskus.fi/johdon-ohjaus-on-ratkaisevaa-yrityksen-kyberkestavyyden-kannalta/ Management commitment and guidance determine a company's cyber resilience and, through it, business continuity. In Finland, the financial sector is furthest along in cybersecurity, according to a survey commissioned by the Digipooli of the Huoltovarmuusorganisaatio (National Emergency Supply Organisation).

MosaicRegressor: Lurking in the Shadows of UEFI

securelist.com/mosaicregressor/98849/ UEFI (or Unified Extensible Firmware Interface) has become a prominent technology that is embedded within designated chips on modern day computer systems. Replacing the legacy BIOS, it is typically used to facilitate the machine’s boot sequence and load the operating system, while using a feature-rich environment to do so. Also:

threatpost.com/bootkit-malware-north-korea-diplomats/159846/. Also:

www.zdnet.com/article/chinese-hacker-group-spotted-using-a-uefi-bootkit-in-the-wild/. Also:

arstechnica.com/information-technology/2020/10/custom-made-uefi-bootkit-found-lurking-in-the-wild/. Also:

www.bleepingcomputer.com/news/security/mosaicregressor-second-ever-uefi-rootkit-found-in-the-wild/. Also: www.wired.com/story/hacking-team-uefi-tool-spyware/

Tenda Router Zero-Days Emerge in Spyware Botnet Campaign

threatpost.com/tenda-router-zero-days-spyware-botnet/159834/ A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.

Four npm packages found uploading user details on a GitHub page

www.zdnet.com/article/four-npm-packages-found-uploading-user-details-on-a-github-page/ Four JavaScript npm packages contained malicious code that collected user details and uploaded the information to a public GitHub page.

Crypto-mining worm adds Linux password stealing capability

www.bleepingcomputer.com/news/security/crypto-mining-worm-adds-linux-password-stealing-capability/ The TeamTNT cybercrime group has recently updated its crypto-mining worm with password-stealing capabilities and with an additional network scanner to make it easier to spread to other vulnerable devices.

Slack outage causes lag, message errors, blank screens worldwide

www.bleepingcomputer.com/news/technology/slack-outage-causes-lag-message-errors-blank-screens-worldwide/ Slack is experiencing a worldwide outage causing problems sending messages, editing messages, lag in chats, and channels displaying a blank screen. Also:


New ransomware vaccine kills programs wiping Windows shadow volumes

www.bleepingcomputer.com/news/security/new-ransomware-vaccine-kills-programs-wiping-windows-shadow-volumes/ A new ransomware vaccine program has been created that terminates processes that try to delete volume shadow copies using Microsoft’s vssadmin.exe program.

Disruption over: the fault that brought down HUS's Koronabotti has been fixed

yle.fi/uutiset/3-11579085 The disruption in the Koronabotti self-service appointment booking that began in the morning has been fixed, HUS reports.

New Flaws in Top Antivirus Software Could Make Computers More Vulnerable

thehackernews.com/2020/10/antivirus-software-vulnerabilities.html Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems.
