Several parties are investigating the data breach and extortion at psychotherapy centre Vastaamo; Finland's National Cyber Security Centre (Kyberturvallisuuskeskus) considers the case exceptional
yle.fi/uutiset/3-11605223 Psychotherapy centre Vastaamo has suffered a data breach. The company says in its statement that an outside person has contacted it and claimed to have obtained clients' confidential information. There has also been an attempt to extort money with the data. See also
www.is.fi/digitoday/tietoturva/art-2000006677282.html
Phishing in Kela's name targets online banking credentials and credit card details
yle.fi/uutiset/3-11606389 Scam messages sent in Kela's name claim that customers' health data and credit card details have been compromised. The message is written in Finnish, and the link it contains directs the recipient to log in on a site that resembles the Suomi.fi login page. The scam page attempts to capture online banking credentials and credit card details.
Google releases Chrome security update to patch actively exploited zero-day
www.zdnet.com/article/google-releases-chrome-security-update-to-patch-actively-exploited-zero-day/ Google has released Chrome version 86.0.4240.111 earlier today to deploy security fixes, including a patch for an actively exploited zero-day vulnerability.
Cisco warns of attacks targeting high severity router vulnerability
www.bleepingcomputer.com/news/security/cisco-warns-of-attacks-targeting-high-severity-router-vulnerability/ Cisco today warned of attacks actively targeting the CVE-2020-3118 high severity vulnerability found to affect multiple carrier-grade routers that run the company’s Cisco IOS XR Software. “In October 2020, the Cisco Product Security Incident Response Team (PSIRT) received reports of attempted exploitation of this vulnerability in the wild,” the updated advisory reads. Cisco fixed the CVE-2020-3118 security flaw in February 2020, together with four other severe vulnerabilities discovered by IoT security company Armis and collectively dubbed CDPwn.
Oracle Kills 402 Bugs in Massive October Patch Update
threatpost.com/oracle-october-patch-update/160407/ Over half of Oracle's flaws in its quarterly patch update are remotely exploitable without authentication; 65 are critical, and two have CVSS scores of 10 out of 10.
Life of Maze ransomware
securelist.com/maze-ransomware/99137/ In the past year, Maze ransomware has become one of the most notorious malware families threatening businesses and large organizations. Dozens of organizations have fallen victim to this vile malware, including LG, Southwire, and the City of Pensacola.
Microsoft says it took down 94% of TrickBot’s command and control servers
www.zdnet.com/article/microsoft-says-it-took-down-94-of-trickbots-command-and-control-servers/ TrickBot survived an initial takedown attempt, but Microsoft and its partners are countering TrickBot operators after every move, taking down any new infrastructure the group is attempting to bring up online. See also
www.bleepingcomputer.com/news/security/trickbot-malware-under-siege-from-all-sides-and-its-working/
LockBit ransomware moves quietly on the network, strikes fast
www.bleepingcomputer.com/news/security/lockbit-ransomware-moves-quietly-on-the-network-strikes-fast/ LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim network.
Montreal’s STM public transport system hit by ransomware attack
www.bleepingcomputer.com/news/security/montreals-stm-public-transport-system-hit-by-ransomware-attack/ Montreal’s Société de transport de Montréal (STM) public transport system was hit with a RansomExx ransomware attack that has impacted services and online systems.
MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states
www.zdnet.com/article/mobileiron-enterprise-mdm-servers-under-attack-from-ddos-gangs-nation-states/ Threat actors range from DDoS botnets to Chinese state-sponsored hacking groups.
QNAP warns of Windows Zerologon flaw affecting some NAS devices
www.bleepingcomputer.com/news/security/qnap-warns-of-windows-zerologon-flaw-affecting-some-nas-devices/ Network-attached storage device maker QNAP warns customers that some NAS storage devices running vulnerable versions of the QTS operating system are exposed to attacks attempting to exploit the critical Windows ZeroLogon (CVE-2020-1472) vulnerability.
Moving to a cloud, not a storm
www.ncsc.gov.uk/blog-post/move-to-a-cloud-not-a-storm Avoiding common problems when moving to the cloud.