Daily NCSC-FI news followup 2020-10-08

Did you receive a text message in Posti's name? Be careful, the message may be a scam

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/saitko-tekstiviestin-postin-nimissa-varothan-viesti-voi-olla-huijaus Updated 07.10.2020 14:28. In a new type of scam, the phishing page that opens from a link sent by text message adapts to your device: iCloud credentials are phished from iOS devices, while Android devices are offered a malicious app (.apk package).

Android Users Beware: Delete These 240 Malicious Apps Now

www.forbes.com/sites/kateoflahertyuk/2020/10/08/android-users-beware-delete-these-240-malicious-apps-now/ Android users need to check their devices today after security researchers revealed 240 malicious apps have been barraging people with irrelevant ads.


Android Ransomware Has Picked Up Some Foreboding New Tricks

www.wired.com/story/android-ransomware-worrying-evolution/ Though ransomware has been around for years, it poses an ever-increasing threat to hospitals, municipal governments, and basically any institution that can’t tolerate downtime. But along with the various types of PC malware that are typically used in these attacks, there’s another burgeoning platform for ransomware as well: Android phones.

MontysThree: Industrial cyberspy

www.kaspersky.com/blog/montysthree-industrial-cyberspy/37263/ Our experts have found traces of activity of a new cybercriminal group that spies on industrial enterprises. The crooks are carrying out targeted attacks, using a tool that our researchers call MontysThree, looking for documents on victims’ computers. See also:

securelist.com/montysthree-industrial-espionage/98972/


US seizes Iranian government domains masked as legitimate news outlets

www.zdnet.com/article/us-seizes-iranian-government-domains-masked-as-legitimate-news-outlets US law enforcement has seized 92 domains used to spread propaganda and fake news by Iran’s Islamic Revolutionary Guard Corps (IRGC).

Waterbear malware used in attack wave against government agencies

www.zdnet.com/article/waterbear-malware-used-in-attack-wave-against-government-agencies According to CyCraft researchers, the attacks took place in April 2020, but in an interesting twist, the threat group responsible leveraged malware already present on compromised servers — due to past attacks — in order to deploy malware.

Google Rolls Out Fixes for High-Severity Android System Flaws

threatpost.com/google-android-system-flaws/159948/ The most serious bugs are elevation-of-privilege issues in the Android System component (CVE-2020-0215 and CVE-2020-0416).

HEH P2P Botnet Sports Dangerous Wiper Function

threatpost.com/heh-p2p-botnet-wiper-function/159974/ The P2P malware is infecting any and all types of endpoints via brute-forcing, with 10 versions targeting desktops, laptops, mobile and IoT devices.

Microsoft Azure Flaws Open Admin Servers to Takeover

threatpost.com/microsoft-azure-flaws-servers-takeover/159965/ Two flaws in Microsoft’s cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks.


Phishing emails lure victims with inside info on Trump’s health

www.bleepingcomputer.com/news/security/phishing-emails-lure-victims-with-inside-info-on-trumps-health/ A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump’s health after being infected with COVID-19.


Gmail users: Expect to see these new security alerts, says Google

www.zdnet.com/article/gmail-users-expect-to-see-these-new-security-alerts-says-google Over the next few weeks, Google will start rolling out new security alerts for critical issues affecting individual Google accounts, with the alert displayed in the Google app currently being used. See also:

www.tivi.fi/uutiset/tv/208b7191-b8dc-481b-8cd2-56190c4efab6


Facebook’s Most Recent Transparency Report Demonstrates the Pitfalls of Automated Content Moderation

www.eff.org/deeplinks/2020/10/facebooks-most-recent-transparency-report-demonstrates-pitfalls-automated-content In the wake of the coronavirus pandemic, many social media platforms shifted their content moderation policies to rely much more heavily on automated tools.


Microsoft adds consent phishing protection to Office 365

www.bleepingcomputer.com/news/security/microsoft-adds-consent-phishing-protection-to-office-365/ Microsoft announced that consent phishing protections including OAuth app publisher verification and app consent policies are now generally available in Office 365.

Highlights on the National Cybersecurity Strategies

www.enisa.europa.eu/news/enisa-news/Highlights-on-the-National-Cybersecurity-Strategies The purpose of the framework is to help Member States perform a self-assessment of their level of maturity. By assessing their National Cybersecurity Strategy objectives both at strategic and at operational level, Member States will be able to possibly enhance existing and build new cybersecurity capabilities.

Autonomous Vehicle Security Needs From A Hacker’s Perspective

securityintelligence.com/posts/autonomous-car-security-hackers-perspective/ With connected cars becoming more common, the industry has more standards and options when it comes to autonomous vehicle security.

ICANN turns on root server cluster in Singapore

www.zdnet.com/article/icann-turns-on-root-server-cluster-in-singapore The Internet Corporation for Assigned Names and Numbers (ICANN) has turned on an ICANN Managed Root Server (IMRS) cluster in Singapore, marking it the first such site in Asia-Pacific. The region currently sees the highest volume of queries worldwide, receiving twice as many as Europe.

52 Alarming Cyberbullying Statistics in 2021

www.pandasecurity.com/mediacenter/family-safety/cyberbullying-statistics/ Standing up to bullies was once a brave act that defied social norms. Today, the landscape is not so clear-cut. Enter: cyberbullying. Adolescents are forced to endure pressure from peers at any given hour of the day, often without even knowing the identity of the bully.
