Daily NCSC-FI news followup 2020-10-22

Extortionist of psychotherapy centre Vastaamo published more highly sensitive patient records overnight

yle.fi/uutiset/3-11606925 The person extorting the psychotherapy centre Vastaamo has published more of the stolen patient data on the Tor network overnight. The patient data reveals the names, addresses, personal identity codes and patient records of Vastaamo's clients. See also:

www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/poliisi_jatkaa_epaillyn_torkean_tietomurron_tutkintaa_uhreja_pyydetaan_tekemaan_rikosilmoitus_94140?language=fi

What to do if you suspect you have become a victim of a data leak

yle.fi/uutiset/3-11608585 The National Cyber Security Centre (Kyberturvallisuuskeskus) and Victim Support Finland (Rikosuhripäivystys) have compiled instructions for victims of a data leak. See also:

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/neuvoja-identiteettivarkauden-tai-tietovuodon-uhrille

US govt: Iran behind fake Proud Boys voter intimidation emails

www.bleepingcomputer.com/news/government/us-govt-iran-behind-fake-proud-boys-voter-intimidation-emails/ The US govt has stated that Iran is behind threatening emails sent to Democratic voters warning that they must vote for Trump or face consequences.

Iranian APT Actors Threaten Election-Related Systems

us-cert.cisa.gov/ncas/alerts/aa20-296b The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process.

Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets

us-cert.cisa.gov/ncas/alerts/aa20-296a Since at least September 2020, a Russian state-sponsored APT actor (known variously as Berserk Bear, Energetic Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala in open-source reporting) has conducted a campaign against a wide variety of U.S. targets. The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers.

OP warns of highly convincing scam messages: Only a criminal acts like this

www.is.fi/digitoday/tietoturva/art-2000006677551.html Convincing, fraudulent emails have been sent to OP's customers.

Microsoft Teams Phishing Attack Targets Office 365 Users

threatpost.com/microsoft-teams-phishing-office-365/160458/ Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a missed chat from Microsoft Teams.

Hacker says he correctly guessed Trump's Twitter password: it was maga2020!

arstechnica.com/tech-policy/2020/10/hacker-says-he-correctly-guessed-trumps-twitter-password-it-was-maga2020/ A security researcher reportedly logged in to President Trump’s Twitter account last week by guessing the password (it was “maga2020!”) and then alerted the US government that Trump needed to upgrade his Twitter security practices.

French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected

www.theregister.com/2020/10/22/sopra_steria_ryuk_ransomware_reports/ You know, the firm that runs half of NHS Business Services

EU sanctions Russian hackers over 2015 German parliament attack

www.bleepingcomputer.com/news/security/eu-sanctions-russian-hackers-over-2015-german-parliament-attack/ The Council of the European Union today announced sanctions imposed on Russian military intelligence officers part of the 85th Main Centre for Special Services (GTsSS) for their involvement in a 2015 hack of the German Federal Parliament (Deutscher Bundestag). Dmitry Sergeyevich Badin and Igor Olegovich Kostyukov are the two military intelligence officers sanctioned today, both of them known members of the GTsSS (an APT group also tracked as APT28, Fancy Bear, Sofacy Group, Sednit, and Strontium) which is also a target of today’s restrictive measures imposed by the Council of the EU decision.

XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability

blog.malwarebytes.com/cybercrime/2020/10/xss-to-tss-tech-support-scam-campaign/ Tech support browser lockers continue to be one of the most common web threats. Not only are they a problem for end users who might end up on the phone with scammers defrauding them of hundreds of dollars, they've also caused quite the headache for browser vendors to fix.

On the trail of the XMRig miner

securelist.com/miner-xmrig/99151/

Enhancing Threat Hunting with MITRE ATT&CK

blog.checkpoint.com/2020/10/22/enhancing-threat-hunting-with-mitre-attck/
