Daily NCSC-FI news followup 2020-10-17

Google warned users of 33,000 state-sponsored attacks in 2020

www.bleepingcomputer.com/news/security/google-warned-users-of-33-000-state-sponsored-attacks-in-2020/ Google delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of state-sponsored phishing attacks targeting their accounts.

Political campaign emails contain dark patterns to manipulate donors, voters

www.zdnet.com/article/political-campaign-emails-contain-dark-patterns-to-manipulate-donors-voters/ Princeton researchers analyzed 100,000 different campaign emails from more than 3,000 political candidates.. US political candidates use psychological tricks and dark patterns in their emails to manipulate supporters to donate money and mobilize voters.

Suomi julkisti näkemyksensä kansainvälisestä oikeudesta kyberympäristössä

um.fi/ajankohtaista/-/asset_publisher/gc654PySnjTX/content/suomi-julkisti-n-c3-a4kemyksens-c3-a4-kansainv-c3-a4lisest-c3-a4-oikeudesta-kyberymp-c3-a4rist-c3-b6ss-c3-a4

Hackers now abuse BaseCamp for free malware hosting

www.bleepingcomputer.com/news/security/hackers-now-abuse-basecamp-for-free-malware-hosting/ Phishing campaigns have started to use Basecamp as part of malicious phishing campaigns that distribute malware or steal your login credentials.

Phishers Capitalize on Headlines with Breakneck Speed

threatpost.com/phishers-capitalize-headlines-speed/160249/ Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams all with the same infrastructure.

Nation-state actor hit Google with the largest DDoS attack

www.bleepingcomputer.com/news/security/nation-state-actor-hit-google-with-the-largest-ddos-attack/ In an overview of distributed denial-of-service (DDoS) trends targeting its network links, Google revealed that in 2017 a nation-state actor used massive firepower that amounted to more than 2.54 terabits per second.

5 things you can do to secure your home office without hiring an expert

www.welivesecurity.com/2020/10/16/5-things-you-can-do-secure-home-office-without-hiring-expert/ You dont need a degree in cybersecurity or a bottomless budget to do the security basics well here are five things that will get you on the right track

You might be interested in …

Daily NCSC-FI news followup 2019-08-29

Critical Cisco VM Bug Allows Remote Takeover of Routers threatpost.com/critical-cisco-bug-remote-takeover-routers/147826/ Five More Hackers Become Millionaires on HackerOne www.bleepingcomputer.com/news/security/five-more-hackers-become-millionaires-on-hackerone/ Google adds all Android apps with +100m installs to its bug bounty program www.zdnet.com/article/google-adds-all-android-apps-with-100m-installs-to-its-bug-bounty-program/ Google Targets Data-Abusing Apps with Bug Bounty Launch threatpost.com/google-targets-data-abusing-apps-bug-bounty/147825/ Bug Bounties Continue to Rise, but Market Has Its Own 1% Problem www.darkreading.com/vulnerabilities—threats/vulnerability-management/bug-bounties-continue-to-rise-but-market-has-its-own-1–problem/d/d-id/1335689 The […]

Read More

Daily NCSC-FI news followup 2019-07-26

Stock Trading Service Robinhood Admits To Storing Some Passwords in Cleartext www.zdnet.com/article/robinhood-admits-to-storing-some-passwords-in-cleartext/ “On Monday night, we discovered that some user credentials were stored in a readable format within our internal system,” the company said.. “We resolved the issue, and after thorough review, found no evidence that this information was accessed by anyone outside our response […]

Read More

Daily NCSC-FI news followup 2019-10-21

Verkon myyntisivustolla liikkuu huijariostajia näyttävät myyjälle väärennetyn kuitin tai tiliotteen www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/verkon_myyntisivustolla_liikkuu_huijariostajia_nayttavat_myyjalle_vaarennetyn_kuitin_tai_tiliotteen_85170 Helsingin poliisin tietoon on tullut syksyn aikana samantyyppisiä huijaustapauksia, joissa tavarat ovat vaihtaneet omistajaa Tori.fi-verkkosivuston kautta. Tapauksissa huijarit ovat esittäneet ostotilanteessa myyjälle väärennetyn kuitin tai tiliotteen, joka on tehty pankin demosivustolla. Venäläiset kaappasivat Iranin operaation ja vakoilivat kohteita kymmenissä maissa www.hs.fi/ulkomaat/art-2000006280146.html Turvallisuuspalvelu FSB:hen yhdistetty […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.