Daily NCSC-FI news followup 2020-10-08

Saitko tekstiviestin Postin nimissä? Varothan, viesti voi olla huijaus

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/saitko-tekstiviestin-postin-nimissa-varothan-viesti-voi-olla-huijaus Päivitetty 07.10.2020 14:28. Uudessa huijaustyypissä tekstiviestillä lähetetystä linkistä aukeava kalastelusivu muuntautuu päätelaitteesi mukaan: iOS-laitteilta kalastellaan iCloud-tunnuksia, Androideille tarjotaan haitallista sovellusta (.apk-paketti).

Android Users Beware: Delete These 240 Malicious Apps Now

www.forbes.com/sites/kateoflahertyuk/2020/10/08/android-users-beware-delete-these-240-malicious-apps-now/ Android users need to check their devices today after security researchers revealed 240 malicious apps have been barraging people with irrelevant ads. Lisäksi:


Android Ransomware Has Picked Up Some Foreboding New Tricks

www.wired.com/story/android-ransomware-worrying-evolution/ Though ransomware has been around for years, it poses an ever-increasing threat to hospitals, municipal governments, and basically any institution that can’t tolerate downtime. But along with the various types of PC malware that are typically used in these attacks, there’s another burgeoning platform for ransomware as well: Android phones.

MontysThree: Industrial cyberspy

www.kaspersky.com/blog/montysthree-industrial-cyberspy/37263/ Our experts have found traces of activity of a new cybercriminal group that spies on industrial enterprises. The crooks are carrying out targeted attacks, using a tool that our researchers call MontysThree, looking for documents on victims’ computers. Lisäksi:

securelist.com/montysthree-industrial-espionage/98972/. Lisäksi:


US seizes Iranian government domains masked as legitimate news outlets

www.zdnet.com/article/us-seizes-iranian-government-domains-masked-as-legitimate-news-outlets US law enforcement has seized 92 domains used to spread propaganda and fake news by Iran’s Islamic Revolutionary Guard Corps (IRGC).

Waterbear malware used in attack wave against government agencies

www.zdnet.com/article/waterbear-malware-used-in-attack-wave-against-government-agencies According to CyCraft researchers, the attacks took place in April 2020, but in an interesting twist, the threat group responsible leveraged malware already present on compromised servers — due to past attacks — in order to deploy malware.

Google Rolls Out Fixes for High-Severity Android System Flaws

threatpost.com/google-android-system-flaws/159948/ The most serious bugs are elevation-of-privilege issues in the Android System component (CVE-2020-0215 and CVE-2020-0416).

HEH P2P Botnet Sports Dangerous Wiper Function

threatpost.com/heh-p2p-botnet-wiper-function/159974/ The P2P malware is infecting any and all types of endpoints via brute-forcing, with 10 versions targeting desktops, laptops, mobile and IoT devices.

Microsoft Azure Flaws Open Admin Servers to Takeover

threatpost.com/microsoft-azure-flaws-servers-takeover/159965/ Two flaws in Microsoft’s cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks. Lisäksi:


Phishing emails lure victims with inside info on Trump’s health

www.bleepingcomputer.com/news/security/phishing-emails-lure-victims-with-inside-info-on-trumps-health/ A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump’s health after being infected with COVID-19. Lisäksi:


Gmail users: Expect to see these new security alerts, says Google

www.zdnet.com/article/gmail-users-expect-to-see-these-new-security-alerts-says-google Over the next few weeks, Google will start rolling out new security alerts for critical issues affecting individual Google accounts, with the alert displayed in the Google app currently being used.. Lisäksi:

www.tivi.fi/uutiset/tv/208b7191-b8dc-481b-8cd2-56190c4efab6. Lisäksi:


Facebook’s Most Recent Transparency Report Demonstrates the Pitfalls of Automated Content Moderation

www.eff.org/deeplinks/2020/10/facebooks-most-recent-transparency-report-demonstrates-pitfalls-automated-content In the wake of the coronavirus pandemic, many social media platforms shifted their content moderation policies to rely much more heavily on automated tools. Lisäksi:


Microsoft adds consent phishing protection to Office 365

www.bleepingcomputer.com/news/security/microsoft-adds-consent-phishing-protection-to-office-365/ Microsoft announced that consent phishing protections including OAuth app publisher verification and app consent policies are now generally available in Office 365.

Highlights on the National Cybersecurity Strategies

www.enisa.europa.eu/news/enisa-news/Highlights-on-the-National-Cybersecurity-Strategies The purpose of the framework is to help Member States perform a self-assessment of their level of maturity. By assessing their National Cybersecurity Strategy objectives both at strategic and at operational level, Member States will be able to possibly enhance existing and build new cybersecurity capabilities.

Autonomous Vehicle Security Needs From A Hacker’s Perspective

securityintelligence.com/posts/autonomous-car-security-hackers-perspective/ With connected cars becoming more common, the industry has more standards and options when it comes to autonomous vehicle security.

ICANN turns on root server cluster in Singapore

www.zdnet.com/article/icann-turns-on-root-server-cluster-in-singapore The Internet Corporation for Assigned Names and Numbers (ICANN) has turned on an ICANN Managed Root Server (IMRS) cluster in Singapore, marking it the first of such site in Asia-Pacific. The region currently sees the highest volume of queries worldwide, receiving twice as many as Europe.

52 Alarming Cyberbullying Statistics in 2021

www.pandasecurity.com/mediacenter/family-safety/cyberbullying-statistics/ Standing up to bullies was once a brave act that defied social norms. Today, the landscape is not so clear-cut. Enter: cyberbullying. Adolescents are forced to endure pressure from peers at any given hour of the dayoften without even knowing the identity of bully.

You might be interested in …

Daily NCSC-FI news followup 2020-08-12

Annatko selaimen tallentaa salasanasi? Haittaohjelman uusi versio voi varastaa ne salaa www.is.fi/digitoday/tietoturva/art-2000006598720.html Salasanoja vohkiva Agent Tesla muuttui entistäkin pahemmaksi uhkaksi. Samalla se osoittaa, miten kätevyys voi kostautua salasanojen säilytyksessä.. Selain kysyy verkkopalveluun kirjautuessa, tallennetaanko salasana jatkoa varten. Kovin usein tulee painettua kyllä, jotta seuraavalla kerralla olisi helpompi päästä sisään. Tämä kuitenkin synnyttää rikollisille houkuttelevan varannon […]

Read More

Daily NCSC-FI news followup 2020-10-24

Vastaamon asiakkaat ovat saaneet henkilökohtaisia kiristysviestejä, viesteissä vaaditaan 200-500 euron arvosta bitcoineja Poliisi: “Kiristysviestin vaatimuksiin ei tule suostua” www.hs.fi/kotimaa/art-2000006698803.html Jos uhri ei maksa, kiristäjä uhkaa julkaista hänen tietonsa sisältäen henkilötietojen lisäksi tarkan potilaskertomuksen, joka sisältää litteroituna terapeutin kanssa käydyt keskustelut. Myös: Vastaamon asiakkaat saavat nyt kiristysviestejä sähköposteihinsa viesteissä vaaditaan 200-500 euron arvosta bitcoineja – yle.fi/uutiset/3-11612183 […]

Read More

Daily NCSC-FI news followup 2019-10-30

Major vulnerability patched in the EU’s eIDAS authentication system www.zdnet.com/article/major-vulnerability-patched-in-the-eus-eidas-authentication-system/ Vulnerability would have allowed attackers to pose as any EU citizen or business. SEC Consult researchers said they found that current versions of the eIDAS-Node package fail to validate certificates used in eIDAS operations, allowing attackers to fake the certificate of any other eIDAS citizen […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.