Daily NCSC-FI news followup 2020-11-13

Sote-alalla on huolta siitä, miten pienet yritykset kestävät tietoturvan parantamisen kustannukset — valtiolta toivotaan tukea

yle.fi/uutiset/3-11646290 Hanna-Maija Kause sanoo, että tietoturvajärjestelmiin fokusoimisen lisäksi vähintään yhtä tärkeää on kehittää tietoturvakulttuuria. “Se tarkoittaa sitä, että tarvitaan enemmän koulutusta turvallisista tietosuojakäytännöistä ja tietosuojakulttuurista, joka kaikissa organisaatioissa on.”

Australian government warns of possible ransomware attacks on health sector

www.zdnet.com/article/australian-government-warns-of-possible-ransomware-attacks-on-health-sector/#ftag=RSSbaffb68 The ACSC says it has seen an uptick in attacks targeting the health sector with SDBBot, a known precursor of the Clop ransomware. ACSC lähde:

www.cyber.gov.au/acsc/view-all-content/alerts/sdbbot-targeting-health-sector. Katso myös:

umbrella.cisco.com/blog/healthcare-industry-under-threat-of-trojan-and-ransomware-attacks

Nation-State Attackers Actively Target COVID-19 Vaccine-Makers

threatpost.com/russia-north-korea-attacking-covid-19-vaccine-makers/161205/ Three nation-state cyberattack groups are actively attempting to hack companies involved in COVID-19 vaccine and treatment research, researchers said. Russia’s APT28 Fancy Bear, the Lazarus Group from North Korea and another North Korea-linked group dubbed Cerium are believed to be behind the ongoing assaults. Microsoftin lähde:

blogs.microsoft.com/on-the-issues/2020/11/13/health-care-cyberattacks-covid-19-paris-peace-forum/

Quick update on the Linux.Ngioweb botnet, now it is going after IoT devices

blog.netlab.360.com/linux-ngioweb-v2-going-after-iot-devices-en/ With the low low detected rate on VT, and newly added IoT support, we think it is worthing providing a quick update to reflect the key new features with the new variants, so here are some quick outlines. We were able to sinkhole a few of the DGA domains so we could get a picture of how many bots the botnet has recruited. The following graph shows the V1 version of the bot count, about 3k active daily IPs.

New TroubleGrabber Discord malware steals passwords, system info

www.bleepingcomputer.com/news/security/new-troublegrabber-discord-malware-steals-passwords-system-info/ TroubleGrabber, a new credential stealer discovered by Netskope security researchers, spreads via Discord attachments and uses Discord webhooks to deliver stolen information to its operators. Several threat actors use the new info stealer to target gamers on Discord servers and to steal their passwords and other sensitive information. “We identified more than 1, 000 generated binaries that were distributed via drive-by download URLs with file names posing as game cheats, Discord installers, and software cracks, ” Netskope says.

New Jupyter malware steals browser data, opens backdoor

www.bleepingcomputer.com/news/security/new-jupyter-malware-steals-browser-data-opens-backdoor/ Jupyter is.NET-based and focuses on stealing data from Chromium, Mozilla Firefox, and Google Chrome web browsers: cookies, credentials, certificates, autocomplete info.

DarkSide ransomware is creating a secure data leak service in Iran

www.bleepingcomputer.com/news/security/darkside-ransomware-is-creating-a-secure-data-leak-service-in-iran/ The DarkSide Ransomware operation claims they are creating a distributed storage system in Iran to store and leak data stolen from victims. To show they mean business, the ransomware gang has deposited $320 thousand on a hacker forum. DarkSide is run as a Ransomware-as-a-Service (RaaS) where developers are in charge of programming the ransomware software and payment site, and affiliates are recruited to hack businesses and encrypt their devices.

Info of 27.7 million Texas drivers exposed in Vertafore data breach

www.zdnet.com/article/info-of-27-7-million-texas-drivers-exposed-in-vertafore-data-breach/ Vertafore blames incident on human error after user data was stored on an unsecured external storage service. The files were accessed by an external party. Vertafore, a provider of insurance software, has disclosed this week a data breach, admitting that a third-party accessed the details of 27.7 million Texas drivers. Exposed data included Texas driver license numbers, names, dates of birth, addresses, and vehicle registration histories.

You might be interested in …

Daily NCSC-FI news followup 2019-08-24

Kyberhyökkäykset ravistelevat suomalaiskuntia Tampere: “Harjoittelemme säännöllisesti” www.tivi.fi/uutiset/tv/d884768a-4cba-4abb-b990-64620669935d Sähköpostihuijareiden toimintatapoja tarkemmin – eiliseen 80 huijarin kiinniottoon liittyvä analyysi garwarner.blogspot.com/2019/08/los-angeles-court-charges-80-nigerians.html Fortnite-pelin huijausohjelma sisältääkin haittaohjelman ja vaatii lunnaat www.kaspersky.com/blog/ransomware-in-fortnite-cheats/28104/ FireEyen tuore raportti sote-sektorin toistuvasta kohdennuksesta ja altistumisesta tietovuodoille www.fireeye.com/blog/threat-research/2019/08/healthcare-research-data-pii-continuously-targeted-by-multiple-threat-actors.html Facebook jakoi vuosittaisen Internet Defence Prize -palkintonsa saksalaisille tutkijoille: 100’000 USD uudesta suojausmekanismista. www.zdnet.com/article/facebook-awards-100000-prize-for-new-code-isolation-technique/ Esineiden internet: älyuunit päälle keskellä […]

Read More

Daily NCSC-FI news followup 2019-07-08

Croatia government agencies targeted with news SilentTrinity malware securityaffairs.co/wordpress/88021/apt/croatia-government-silenttrinity-malware.html A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. The SilentTrinity malware can take control over an infected computer, it allows attackers to execute arbitrary commands.. Between February […]

Read More

Daily NCSC-FI news followup 2020-06-18

Car autopilot security www.kaspersky.com/blog/protecting-adas/35961/ Today, many companies are experimenting to the max with autopilots of varying complexity. Some are trying to build devices that actually take control of the vehicle out of human hands, while others are developing advanced driver-assistance systems (ADAS). . The main issue that autopilot manufacturers must address is guaranteeing reliability and […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.