Daily NCSC-FI news followup 2020-10-21

Several parties are investigating the data breach and extortion at psychotherapy centre Vastaamo; the Cyber Security Centre considers the case exceptional

yle.fi/uutiset/3-11605223 Psychotherapy centre Vastaamo has suffered a data breach. The company says in its press release that an outside person has been in contact with them and said they had obtained clients' confidential information. There has also been an attempt to extort money with the information.


Online banking credentials and credit card details are being phished in Kela's name

yle.fi/uutiset/3-11606389 Scam messages sent in Kela's name claim that customers' health data and credit card details have been compromised. The message is written in Finnish, and the link it contains directs the recipient to log in to a site that resembles the Suomi.fi login page. The scam page tries to capture online banking credentials and credit card details.

Google releases Chrome security update to patch actively exploited zero-day

www.zdnet.com/article/google-releases-chrome-security-update-to-patch-actively-exploited-zero-day/ Google has released Chrome version 86.0.4240.111 earlier today to deploy security fixes, including a patch for an actively exploited zero-day vulnerability.

Cisco warns of attacks targeting high severity router vulnerability

www.bleepingcomputer.com/news/security/cisco-warns-of-attacks-targeting-high-severity-router-vulnerability/ Cisco today warned of attacks actively targeting the CVE-2020-3118 high severity vulnerability found to affect multiple carrier-grade routers that run the company’s Cisco IOS XR Software. “In October 2020, the Cisco Product Security Incident Response Team (PSIRT) received reports of attempted exploitation of this vulnerability in the wild,” the updated advisory reads. Cisco fixed the CVE-2020-3118 security flaw in February 2020, together with four other severe vulnerabilities discovered by IoT security company Armis and collectively dubbed CDPwn.

Oracle Kills 402 Bugs in Massive October Patch Update

threatpost.com/oracle-october-patch-update/160407/ Over half of Oracle’s flaws in its quarterly patch update can be remotely exploited without authentication; 65 are critical, and two have CVSS scores of 10 out of 10.

Life of Maze ransomware

securelist.com/maze-ransomware/99137/ In the past year, Maze ransomware has become one of the most notorious malware families threatening businesses and large organizations. Dozens of organizations have fallen victim to this vile malware, including LG, Southwire, and the City of Pensacola.

Microsoft says it took down 94% of TrickBot’s command and control servers

www.zdnet.com/article/microsoft-says-it-took-down-94-of-trickbots-command-and-control-servers/ TrickBot survived an initial takedown attempt, but Microsoft and its partners are countering TrickBot operators after every move, taking down any new infrastructure the group is attempting to bring up online.


LockBit ransomware moves quietly on the network, strikes fast

www.bleepingcomputer.com/news/security/lockbit-ransomware-moves-quietly-on-the-network-strikes-fast/ LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim network.

Montreal’s STM public transport system hit by ransomware attack

www.bleepingcomputer.com/news/security/montreals-stm-public-transport-system-hit-by-ransomware-attack/ Montreal’s Société de transport de Montréal (STM) public transport system was hit with a RansomExx ransomware attack that has impacted services and online systems.

MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states

www.zdnet.com/article/mobileiron-enterprise-mdm-servers-under-attack-from-ddos-gangs-nation-states/ Threat actors range from DDoS botnets to Chinese state-sponsored hacking groups.

QNAP warns of Windows Zerologon flaw affecting some NAS devices

www.bleepingcomputer.com/news/security/qnap-warns-of-windows-zerologon-flaw-affecting-some-nas-devices/ Network-attached storage device maker QNAP warns customers that some NAS storage devices running vulnerable versions of the QTS operating system are exposed to attacks attempting to exploit the critical Windows ZeroLogon (CVE-2020-1472) vulnerability.

Moving to a cloud, not a storm

www.ncsc.gov.uk/blog-post/move-to-a-cloud-not-a-storm Avoiding common problems when moving to the cloud.
