Daily NCSC-FI news followup 2020-10-10

US Cyber Command has sought to disrupt the world’s largest botnet, hoping to reduce its potential impact on the election

www.washingtonpost.com/national-security/cyber-command-trickbot-disrupt/2020/10/09/19587aae-0a32-11eb-a166-dc429b380d10_story.html In recent weeks, the U.S. military has mounted an operation to temporarily disrupt what is described as the world’s largest botnet one used also to drop ransomware, which officials say is one of the top threats to the 2020 election. Myös:

krebsonsecurity.com/2020/10/report-u-s-cyber-command-behind-trickbot-tricks/

CISA and FBI Release Joint Advisory Regarding APT Actors Chaining Vulnerabilities Against Government, Critical Infrastructure, and Elections Organizations

us-cert.cisa.gov/ncas/current-activity/2020/10/09/cisa-and-fbi-release-joint-advisory-regarding-apt-actors-chaining The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory regarding advanced persistent threat (APT) actors chaining vulnerabilities in an attempt to compromise federal and state, local, tribal, and territorial (SLTT) government networks, critical infrastructure, and elections organizations. Report:

us-cert.cisa.gov/ncas/alerts/aa20-283a

Apple’s T2 security chip has an unfixable flaw – Checkm8 vulnerability used to jailbreak iPhones hits Macs as well

arstechnica.com/information-technology/2020/10/apples-t2-security-chip-has-an-unfixable-flaw/ A recently released tool is letting anyone exploit an unusual Mac vulnerability to bypass Apple’s trusted T2 security chip and gain deep system access. The flaw is one researchers have also been using for more than a year to jailbreak older models of iPhones. Worst of all, while Apple may be able to slow down potential hackers, the flaw is ultimately unfixable in every Mac that has a T2 inside.

Google adds password breach alerts to Chrome for Android, iOS

www.welivesecurity.com/2020/10/08/chrome-android-ios-can-now-tell-you-if-your-password-has-been-stolen/ Much like with a feature that is already available for Chrome on computers, the browser’s version for mobile platforms will now compare your saved login credentials against a list of login details that are known to have been compromised; if a match is found, it will alert you.

Google boosts malware protection for high-risk accounts

www.bleepingcomputer.com/news/security/google-boosts-malware-protection-for-high-risk-accounts/ Google’s Advanced Protection Program is a free service that aims to protect the accounts of users including but not limited to activists, journalists, business leaders, and political teams who have a higher risk of being targeted by online attacks. APP blocks unauthorized access to enrolled users’ accounts, offers additional protection from harmful downloads, and secures the users’ info.

You might be interested in …

Daily NCSC-FI news followup 2021-04-18

Ryuk ransomware operation updates hacking techniques www.bleepingcomputer.com/news/security/ryuk-ransomware-operation-updates-hacking-techniques/ Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network. The trend observed in attacks this year reveals a predilection towards targeting hosts with remote desktop connections exposed on the public internet. Discord […]

Read More

Daily NCSC-FI news followup 2020-11-01

Nyt tuli peli, jota puolustusministeriökin hehkuttaa: “Nyt saa pelata työajalla” www.is.fi/digitoday/tietoturva/art-2000006705549.html Digiturvallinen elämä -peli ei vie paljoa aikaa, mutta sen hyödyt voivat kantaa pitkälle. US Cyber Command exposes new Russian malware www.zdnet.com/article/us-cyber-command-exposes-new-russian-malware/#ftag=RSSbaffb68 Together with CISA and the FBI, US Cyber Command wish Russian state hackers a “Happy Halloween!”. Six of the eight samples are for […]

Read More

Daily NCSC-FI news followup 2019-10-01

Yritysten kybervarautumisen tilanne ei juurikaan ole muuttunut uhat ovat yleistyneet www.kauppakamarilehti.fi/index.php/ajankohtaista/yritysten-kybervarautumisen-tilanne-ei-juurikaan-ole-muuttunut-uhat-ovat-yleistyneet/ Selvitys tehtiin syksyllä 2019 yhteistyössä CyVantage LLC:n kanssa. Yrityksiin kohdistuvat kyberuhat 2019 -selvitys osoittaa että niin yritysten kuin viranomaisten toiminnassa torjua kyberuhkia on paljon kehitettävää. Selvitys on kolmas, mikä aiheesta on tehty. Comodo Forums Breached, Data of Over 170,000 Users Up for Grabs www.bleepingcomputer.com/news/security/comodo-forums-breached-data-of-over-170-000-users-up-for-grabs/ […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.