Daily NCSC-FI news followup 2020-11-06

Update Your iOS Devices Now: 3 Actively Exploited 0-Days Discovered

thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with kernel-level privileges. See also:

support.apple.com/en-us/HT201222. See also:

us-cert.cisa.gov/ncas/current-activity/2020/11/06/apple-releases-security-updates-multiple-products. See also: threatpost.com/apple-patches-bugs-zero-days/161010/. See also:

www.zdnet.com/article/apple-fixes-three-ios-zero-days-exploited-in-the-wild. See also:

arstechnica.com/information-technology/2020/11/apple-patches-ios-against-3-actively-exploited-0days-found-by-google/. See also:

www.theregister.com/2020/11/05/apple_drops_patches_to_fix/. See also:


Not even hospitals are safe from ransomware: patient safety will soon be practised in a realistic environment in Jyväskylä

www.epressi.com/tiedotteet/terveys/sairaalatkaan-eivat-ole-turvassa-lunnashaittaohjelmilta-potilasturvallisuutta-harjoitellaan-pian-oikeankaltaisessa-ymparistossa-jyvaskylassa.html A digital healthcare environment for cybersecurity exercises is currently being built at the IT Institute of Jyväskylä University of Applied Sciences (JAMK). The theme of the first healthcare cybersecurity exercise, to be held in the environment in autumn 2021, is patient safety and the protection of patients' personal data in a hospital environment.

Bitcoin: $1bn seized from Silk Road account by US government

www.bbc.com/news/technology-54833130 More than $1bn (£772m) in Bitcoin linked to the notorious Silk Road website has been seized by the US Department of Justice (DoJ). See also:


Rediscovering Limitations of Stateful Firewalls: “NAT Slipstreaming” - Implications, Detections and Mitigations

isc.sans.edu/diary/rss/26766 A recent (rediscovered) technique, NAT Slipstreaming, which allows an attacker to remotely access any TCP/UDP service bound to a victim’s machine, thus bypassing the victim’s Network Address Translation (NAT)/firewall implementation, was detailed by Samy Kamkar. Samy had also shared a similar technique termed “NAT Pinning” back in 2010.

Brazil’s court system under massive RansomExx ransomware attack

www.bleepingcomputer.com/news/security/brazils-court-system-under-massive-ransomexx-ransomware-attack/ Brazil’s Superior Court of Justice was hit by a ransomware attack on Tuesday during judgment sessions that were taking place over video conference. See also:

securelist.com/ransomexx-trojan-attacks-linux-systems/99279/. See also:

www.zdnet.com/article/linux-version-of-ransomexx-ransomware-discovered/. See also:


Gitpaste-12 Worm Targets Linux Servers, IoT Devices

threatpost.com/gitpaste-12-worm-linux-servers-iot-devices/161016/ The newly discovered malware uses GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors. Researchers have uncovered a new worm targeting Linux-based x86 servers, as well as Linux internet of things (IoT) devices (that are based on ARM and MIPS CPUs). See also:


This hacking group is using previously unknown tools to target defence contractors

www.zdnet.com/article/this-hacking-group-is-using-previously-unknown-tools-to-target-defence-contractors/ Researchers at McAfee first detailed Operation North Star earlier this year, but further analysis reveals additional tactics and techniques of the campaign, which has almost identical elements to Hidden Cobra, AKA The Lazarus Group, a hacking operation which the US government and others say is working out of North Korea on behalf of the government in Pyongyang.

Tech support scammer dialed random number and Australian Police’s cybercrime squad answered

www.theregister.com/2020/11/06/sa_police_support_scam_intercept/ A tech-support scammer making random phone calls in the hope of finding a victim called the cyber-crime squad of an Australian police force, which used the happy accident to document the con trick and inform the public on what to watch out for.

Consumer Ombudsman has received worried enquiries following the Vastaamo data breach: credit offered for online purchases may be a data protection risk

yle.fi/uutiset/3-11631588 Following the Vastaamo data breach, the Consumer Ombudsman has received questions about the use of personal identity codes and about identity theft in online shopping, says Head of Unit Paula Hannula of the Finnish Competition and Consumer Authority (KKV).
