Extortionist of psychotherapy centre Vastaamo published more highly sensitive patient records overnight
yle.fi/uutiset/3-11606925 The person extorting the psychotherapy centre Vastaamo has published more of the patient data they stole on the Tor network overnight. The data reveals the names, addresses, personal identity codes and patient records of Vastaamo's clients.
What to do if you suspect you have become a victim of the data leak
yle.fi/uutiset/3-11608585 Kyberturvallisuuskeskus (the Finnish National Cyber Security Centre) and Rikosuhripäivystys (Victim Support Finland) have compiled instructions for those affected by the data leak.
US govt: Iran behind fake Proud Boys voter intimidation emails
www.bleepingcomputer.com/news/government/us-govt-iran-behind-fake-proud-boys-voter-intimidation-emails/ The US govt has stated that Iran is behind threatening emails sent to Democratic voters warning that they must vote for Trump or face consequences.
Iranian APT Actors Threaten Election-Related Systems
us-cert.cisa.gov/ncas/alerts/aa20-296b The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process.
Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets
us-cert.cisa.gov/ncas/alerts/aa20-296a Since at least September 2020, a Russian state-sponsored APT actor, known variously as Berserk Bear, Energetic Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala in open-source reporting, has conducted a campaign against a wide variety of U.S. targets. The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers.
OP warns of highly convincing scam messages: only a criminal acts this way
www.is.fi/digitoday/tietoturva/art-2000006677551.html Convincing, fraudulent emails have been sent to OP's customers.
Microsoft Teams Phishing Attack Targets Office 365 Users
threatpost.com/microsoft-teams-phishing-office-365/160458/ Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a missed chat from Microsoft Teams.
Hacker says he correctly guessed Trump's Twitter password: it was "maga2020!"
arstechnica.com/tech-policy/2020/10/hacker-says-he-correctly-guessed-trumps-twitter-password-it-was-maga2020/ A security researcher reportedly logged in to President Trump’s Twitter account last week by guessing the password (it was “maga2020!”) and then alerted the US government that Trump needed to upgrade his Twitter security practices.
French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected
www.theregister.com/2020/10/22/sopra_steria_ryuk_ransomware_reports/ You know, the firm that runs half of NHS Business Services
EU sanctions Russian hackers over 2015 German parliament attack
www.bleepingcomputer.com/news/security/eu-sanctions-russian-hackers-over-2015-german-parliament-attack/ The Council of the European Union today announced sanctions imposed on Russian military intelligence officers part of the 85th Main Centre for Special Services (GTsSS) for their involvement in a 2015 hack of the German Federal Parliament (Deutscher Bundestag). Dmitry Sergeyevich Badin and Igor Olegovich Kostyukov are the two military intelligence officers sanctioned today, both of them known members of the GTsSS (an APT group also tracked as APT28, Fancy Bear, Sofacy Group, Sednit, and Strontium) which is also a target of today’s restrictive measures imposed by the Council of the EU decision.
XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability
blog.malwarebytes.com/cybercrime/2020/10/xss-to-tss-tech-support-scam-campaign/ Tech support browser lockers continue to be one of the most common web threats. Not only are they a problem for end users who might end up on the phone with scammers defrauding them of hundreds of dollars, they've also caused quite the headache for browser vendors to fix.
On the trail of the XMRig miner
securelist.com/miner-xmrig/99151/
Enhancing Threat Hunting with MITRE ATT&CK
blog.checkpoint.com/2020/10/22/enhancing-threat-hunting-with-mitre-attck/