Daily NCSC-FI news followup 2020-10-06

Will the awaited coronavirus vaccine be delayed? The problems concern a key application

www.tivi.fi/uutiset/tv/a758c9c3-96cc-4861-86bd-00adc7544339 The New York Times writes about ransomware that targeted eResearch Technology (ERT). ERT's software is used by many drug manufacturers in, among other things, clinical trials of coronavirus vaccines in Europe, Asia and North America. Also:

www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html. Also:

threatpost.com/covid-19-clinical-trials-ransomware/159877/

Emotet Malware

us-cert.cisa.gov/ncas/alerts/aa20-280a To secure against Emotet, CISA and MS-ISAC recommend implementing the mitigation measures described in this Alert, which include applying protocols that block suspicious attachments, using antivirus software, and blocking suspicious IPs.

Telia Company reaches agreement to sell its carrier operation to Polhem Infra

www.teliacarrier.com/news-and-events/press-releases/telia-company-to-sell-telia-carrier.html Stockholm, 6 October 2020 Telia Company today announces that it has reached an agreement with Polhem Infra for the sale of its international carrier business, Telia Carrier, for a value of SEK 9,450 million on a cash and debt free basis. Also:

www.tivi.fi/uutiset/tv/5eaedfc4-c115-4e00-8b66-4ef49d9c5f8f

Mobile network operator falls into the hands of Fullz House criminal group

blog.malwarebytes.com/malwarebytes-news/2020/10/mobile-network-operator-falls-into-the-hands-of-fullz-house-criminal-group/ Most victims of Magecart-based attacks tend to be typical online shops selling various goods. However, every now and again we come across different types of businesses which were affected simply because they happened to be vulnerable. Also:

www.zdnet.com/article/boom-mobile-falls-prey-to-magecart-card-skimming-attack. Also:

arstechnica.com/information-technology/2020/10/boom-hacked-page-on-mobile-phone-website-is-stealing-customers-card-data/. Also:

www.bleepingcomputer.com/news/security/hacker-group-compromises-mobile-provider-to-steal-credit-cards/. Also:

threatpost.com/boom-mobile-customer-data-fullz-house-magecart/159887/

Microsoft says Iranian hackers are exploiting the Zerologon vulnerability

www.zdnet.com/article/microsoft-says-iranian-hackers-are-exploiting-the-zerologon-vulnerability Successful attacks would allow hackers to take over servers known as domain controllers (DC) that are the centerpieces of most enterprise networks and enable intruders to gain full control over their targets. Also:

www.bleepingcomputer.com/news/security/microsoft-iranian-hackers-actively-exploiting-windows-zerologon-flaw/. Also:

threatpost.com/microsoft-zerologon-attack-iranian-actors/159874/. Also:

rootdaemon.com/2020/10/05/microsoft-says-iranian-hackers-are-exploiting-the-zerologon-vulnerability/

Concluding the Azure Sphere Security Research Challenge, Microsoft Awards $374,300 to Global Security Research Community

msrc-blog.microsoft.com/2020/10/06/azure-sphere-security-research-challenge-concluded/ The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft’s partnerships with the global IoT security research community. Also:

www.bleepingcomputer.com/news/security/microsoft-pays-over-370-000-for-azure-sphere-bug-reports/. Also: blogs.cisco.com/security/talos/azure-sphere-challenge

EU’s top court limits government spying on citizens’ mobile and internet data

www.cnbc.com/2020/10/06/ecj-limits-government-spying-on-citizens-mobile-and-internet-data-.html The European Court of Justice (ECJ), the EU’s highest legal authority, ruled Tuesday that member states cannot collect mass mobile and internet data on citizens.

REvil Ransomware Gang Offers $1 Million As Part Of Recruitment Drive

www.forbes.com/sites/simonchandler/2020/10/06/revil-ransomware-gang-offers-1-million-as-part-of-recruitment-drive/ The criminal group behind the REvil ransomware operation has deposited bitcoin worth $1 million on a Russian-speaking hacker website, as part of a drive to recruit more members.

Ransomware threat surge, Ryuk attacks about 20 orgs per week

www.bleepingcomputer.com/news/security/ransomware-threat-surge-ryuk-attacks-about-20-orgs-per-week/ Malware researchers monitoring ransomware threats noticed a sharp increase in these attacks over the past months compared to the first six months of 2020.

Release the Kraken: Fileless APT attack abuses Windows Error Reporting service

blog.malwarebytes.com/malwarebytes-news/2020/10/kraken-attack-abuses-wer-service/ On September 17th, we discovered a new attack called Kraken that injected its payload into the Windows Error Reporting (WER) service as a defense evasion mechanism. Also:

www.bleepingcomputer.com/news/security/hackers-abuse-windows-error-service-in-fileless-malware-attack/. Also:

threatpost.com/apt-attack-malware-windows-error-reporting/159861/

Five bar and cafe owners arrested in France for running no-log WiFi networks

www.zdnet.com/article/five-bar-and-cafe-owners-arrested-in-france-for-running-no-log-wifi-networks/ In one of the weirdest arrests of the year, at least five bar and cafe managers from the French city of Grenoble were taken into custody last week for running open WiFi networks at their establishments and not keeping logs of past connected users.
