Daily NCSC-FI news followup 2020-10-05

Management guidance is decisive for a company's cyber resilience

www.huoltovarmuuskeskus.fi/johdon-ohjaus-on-ratkaisevaa-yrityksen-kyberkestavyyden-kannalta/ Management commitment and guidance determine a company's cyber resilience and, through it, the continuity of its business. In Finland, the financial sector is furthest along in cybersecurity, according to a survey commissioned by the Digipool of the National Emergency Supply Organization (Huoltovarmuusorganisaatio).

MosaicRegressor: Lurking in the Shadows of UEFI

securelist.com/mosaicregressor/98849/ UEFI (or Unified Extensible Firmware Interface) has become a prominent technology that is embedded within designated chips on modern day computer systems. Replacing the legacy BIOS, it is typically used to facilitate the machine’s boot sequence and load the operating system, while using a feature-rich environment to do so. See also:

threatpost.com/bootkit-malware-north-korea-diplomats/159846/. See also:

www.zdnet.com/article/chinese-hacker-group-spotted-using-a-uefi-bootkit-in-the-wild/. See also:

arstechnica.com/information-technology/2020/10/custom-made-uefi-bootkit-found-lurking-in-the-wild/. See also:

www.bleepingcomputer.com/news/security/mosaicregressor-second-ever-uefi-rootkit-found-in-the-wild/. See also: www.wired.com/story/hacking-team-uefi-tool-spyware/

Tenda Router Zero-Days Emerge in Spyware Botnet Campaign

threatpost.com/tenda-router-zero-days-spyware-botnet/159834/ A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.

Four npm packages found uploading user details on a GitHub page

www.zdnet.com/article/four-npm-packages-found-uploading-user-details-on-a-github-page/ Four JavaScript npm packages contained malicious code that collected user details and uploaded the information to a public GitHub page.

Crypto-mining worm adds Linux password stealing capability

www.bleepingcomputer.com/news/security/crypto-mining-worm-adds-linux-password-stealing-capability/ The TeamTNT cybercrime group has recently updated its crypto-mining worm with password-stealing capabilities and with an additional network scanner to make it easier to spread to other vulnerable devices.

Slack outage causes lag, message errors, blank screens worldwide

www.bleepingcomputer.com/news/technology/slack-outage-causes-lag-message-errors-blank-screens-worldwide/ Slack is experiencing a worldwide outage causing problems sending messages, editing messages, lag in chats, and channels displaying a blank screen. See also:

status.slack.com/2020-10/e8c094cc99aabf64

New ransomware vaccine kills programs wiping Windows shadow volumes

www.bleepingcomputer.com/news/security/new-ransomware-vaccine-kills-programs-wiping-windows-shadow-volumes/ A new ransomware vaccine program has been created that terminates processes that try to delete volume shadow copies using Microsoft’s vssadmin.exe program.

Disruption over: the fault that brought down HUS's Koronabotti has been fixed

yle.fi/uutiset/3-11579085 The disruption in Koronabotti self-service appointment booking that began in the morning has been fixed, HUS reports.

New Flaws in Top Antivirus Software Could Make Computers More Vulnerable

thehackernews.com/2020/10/antivirus-software-vulnerabilities.html Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems.
