Daily NCSC-FI news followup 2020-10-20

Ruotsi rajaa kiinalaisyhtiöiden tekniikan pois 5G-verkostaan turvallisuuspoliisin ja puolustusvoimien suosituksesta

yle.fi/uutiset/3-11603515 Ruotsi on päättänyt estää Huawein ja ZTE:n tekniikan käyttämisen maan 5G-verkkoa rakennettaessa. Kyseessä ovat kiinalaiset yhtiöt.. katso myös www.is.fi/digitoday/mobiili/art-2000006675870.html

NSA: Top 25 vulnerabilities actively abused by Chinese hackers

www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/ The U.S. National Security Agency (NSA) warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities in attacks against U.S. organizations and interests.. see also

media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF

Seven mobile browsers vulnerable to address bar spoofing attacks

www.zdnet.com/article/seven-mobile-browsers-vulnerable-to-address-bar-spoofing-attacks/ Vulnerabilities allow attackers to trick users into accessing malicious sites while showing the incorrect URL in the address bar.

Facebook: A Top Launching Pad For Phishing Attacks

threatpost.com/facebook-launching-pad-phishing-attacks/160351/ Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks including a recent strike on a half-million Facebook users.

Adobe fixes 18 critical bugs affecting its Windows, macOS apps

www.bleepingcomputer.com/news/security/adobe-fixes-18-critical-bugs-affecting-its-windows-macos-apps/ The software products patched today by Adobe include Adobe Creative Cloud Desktop Application, Adobe InDesign, Adobe Media Encoder, Adobe Premiere Pro, Adobe Photoshop, Adobe After Effects, Adobe Animate, Adobe Dreamweaver, Adobe Illustrator, and Marketo.

Coinbase phishing hijacks Microsoft 365 accounts via OAuth app

www.bleepingcomputer.com/news/microsoft/coinbase-phishing-hijacks-microsoft-365-accounts-via-oauth-app/ A new phishing campaign uses a Coinbase-themed email to install an Office 365 consent app that gives attackers access to a victim’s email.

Google removes two Chrome ad blockers caught collecting user data

www.zdnet.com/article/google-removes-two-chrome-ad-blockers-caught-collecting-user-data/ Nano Adblocker and Nano Defender have been removed from the official Chrome Web Store.

Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts

threatpost.com/pharma-pfizer-leaks-prescription-call-transcripts/160354/ Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud.

Mirai-alike Python Scanner

isc.sans.edu/forums/diary/Miraialike+Python+Scanner/26698/

Barnes & Noble hit by Egregor ransomware, strange data leaked

www.bleepingcomputer.com/news/security/barnes-and-noble-hit-by-egregor-ransomware-strange-data-leaked/ The Egregor ransomware gang is claiming responsibility for the cyberattack on U.S. Bookstore giant Barnes & Noble on October 10th, 2020. The attackers state that they stole unencrypted files as part of the attack.

You might be interested in …

Daily NCSC-FI news followup 2021-07-23

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure www.microsoft.com/security/blog/2021/07/22/when-coin-miners-evolve-part-1-exposing-lemonduck-and-lemoncat-modern-mining-malware-infrastructure/ Anything that can gain access to machineseven so-called commodity malwarecan bring in more dangerous threats. Weve seen this in banking Trojans serving as entry point for ransomware and hands-on-keyboard attacks. LemonDuck, an actively updated and robust malware thats primarily known […]

Read More

Daily NCSC-FI news followup 2021-04-21

Alert (AA21-110A) Exploitation of Pulse Connect Secure Vulnerabilities us-cert.cisa.gov/ncas/alerts/aa21-110a The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actoror actorsbeginning in June 2020 or earlier related to vulnerabilities in certain Ivanti Pulse Connect Secure products. Lisäksi: threatpost.com/pulse-secure-critical-zero-day-active-exploit/165523/. […]

Read More

Daily NCSC-FI news followup 2019-12-27

Yli puolet haittaohjelmista muhii kodin älylaitteissa – kaksi asiaa, joilla tukit helpoimmat vuotopaikat yle.fi/uutiset/3-11127237?origin=rss Kotirauhaasi häiritsevät uhat ovat varsin yksinkertaisia haittaohjelmia. Kun perusasiat ovat kunnossa, saadaan tietoturva paljon paremmaksi. Muista nämä: salasana ja laitteen päivitykset.. Nämä kaksi kriteeriä ovat myös tietoturvamerkin ehtoja laitevalmistajille – tietoturvamerkki.fi/ Kunnilla heikkoja salasanoja ja huteria palomuureja – Lahti maksoi kyberhyökkäyksen […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.