Daily NCSC-FI news followup 2020-10-06

Myöhästyykö odotettu koronarokote? Ongelmat liittyvät keskeiseen sovellukseen

www.tivi.fi/uutiset/tv/a758c9c3-96cc-4861-86bd-00adc7544339 New York Times kirjoittaa eResearch Technologyyn (ERT) kohdistuneesta kiristyshaittaohjelmasta. ERT:n ohjelmistoa käyttävät monet lääkevalmistajat muun muassa koronarokotteiden kliinisissä testeissä Euroopassa, Aasiassa ja Pohjois-Amerikassa. Lisäksi:

www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html. Lisäksi:

threatpost.com/covid-19-clinical-trials-ransomware/159877/

Emotet Malware

us-cert.cisa.gov/ncas/alerts/aa20-280a To secure against Emotet, CISA and MS-ISAC recommend implementing the mitigation measures described in this Alert, which include applying protocols that block suspicious attachments, using antivirus software, and blocking suspicious IPs.

Telia Company reaches agreement to sell its carrier operation to Polhem Infra

www.teliacarrier.com/news-and-events/press-releases/telia-company-to-sell-telia-carrier.html Stockholm, 6 October 2020 Telia Company today announces that it has reached an agreement with Polhem Infra for the sale of its international carrier business, Telia Carrier, for a value of SEK 9, 450 million on a cash and debt free basis. Lisäksi:

www.tivi.fi/uutiset/tv/5eaedfc4-c115-4e00-8b66-4ef49d9c5f8f

Mobile network operator falls into the hands of Fullz House criminal group

blog.malwarebytes.com/malwarebytes-news/2020/10/mobile-network-operator-falls-into-the-hands-of-fullz-house-criminal-group/ Most victims of Magecart-based attacks tend to be typical online shops selling various goods. However, every now and again we come across different types of businesses which were affected simply because they happened to be vulnerable. Lisäksi:

www.zdnet.com/article/boom-mobile-falls-prey-to-magecart-card-skimming-attack. Lisäksi:

arstechnica.com/information-technology/2020/10/boom-hacked-page-on-mobile-phone-website-is-stealing-customers-card-data/. Lisäksi:

www.bleepingcomputer.com/news/security/hacker-group-compromises-mobile-provider-to-steal-credit-cards/. Lisäksi:

threatpost.com/boom-mobile-customer-data-fullz-house-magecart/159887/

Microsoft says Iranian hackers are exploiting the Zerologon vulnerability

www.zdnet.com/article/microsoft-says-iranian-hackers-are-exploiting-the-zerologon-vulnerability Successful attacks would allow hackers to take over servers known as domain controllers (DC) that are the centerpieces of most enterprise networks and enable intruders to gain full control over their targets. Lisäksi:

www.bleepingcomputer.com/news/security/microsoft-iranian-hackers-actively-exploiting-windows-zerologon-flaw/. Lisäksi:

threatpost.com/microsoft-zerologon-attack-iranian-actors/159874/. Lisäksi:

rootdaemon.com/2020/10/05/microsoft-says-iranian-hackers-are-exploiting-the-zerologon-vulnerability/

Concluding the Azure Sphere Security Research Challenge, Microsoft Awards $374, 300 to Global Security Research Community

msrc-blog.microsoft.com/2020/10/06/azure-sphere-security-research-challenge-concluded/ The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft’s partnerships with the global IoT security research community. Lisäksi:

www.bleepingcomputer.com/news/security/microsoft-pays-over-370-000-for-azure-sphere-bug-reports/. Lisäksi: blogs.cisco.com/security/talos/azure-sphere-challenge

EU’s top court limits government spying on citizens’ mobile and internet data

www.cnbc.com/2020/10/06/ecj-limits-government-spying-on-citizens-mobile-and-internet-data-.html The European Court of Justice (ECJ), the EU’s highest legal authority, ruled Tuesday that member states cannot collect mass mobile and internet data on citizens.

REvil Ransomware Gang Offers $1 Million As Part Of Recruitment Drive

www.forbes.com/sites/simonchandler/2020/10/06/revil-ransomware-gang-offers-1-million-as-part-of-recruitment-drive/ The criminal group behind the REvil ransomware operation has deposited bitcoin worth $1 million on a Russian-speaking hacker website, as part of a drive to recruit more members.

Ransomware threat surge, Ryuk attacks about 20 orgs per week

www.bleepingcomputer.com/news/security/ransomware-threat-surge-ryuk-attacks-about-20-orgs-per-week/ Malware researchers monitoring ransomware threats noticed a sharp increase in these attacks over the past months compared to the first six months of 2020.

Release the Kraken: Fileless APT attack abuses Windows Error Reporting service

blog.malwarebytes.com/malwarebytes-news/2020/10/kraken-attack-abuses-wer-service/ On September 17th, we discovered a new attack called Kraken that injected its payload into the Windows Error Reporting (WER) service as a defense evasion mechanism. Lisäksi:

www.bleepingcomputer.com/news/security/hackers-abuse-windows-error-service-in-fileless-malware-attack/. Lisäksi:

threatpost.com/apt-attack-malware-windows-error-reporting/159861/

Five bar and cafe owners arrested in France for running no-log WiFi networks

www.zdnet.com/article/five-bar-and-cafe-owners-arrested-in-france-for-running-no-log-wifi-networks/ In one of the weirdest arrests of the year, at least five bar and cafe managers from the French city of Grenoble were taken into custody last week for running open WiFi networks at their establishments and not keeping logs of past connected users. Five bar and cafe owners arrested in France for running no-log WiFi networks

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.