Daily NCSC-FI news followup 2020-11-17

Two sentenced to prison for Nordea data breach, charges against one dismissed in Ostrobothnia District Court

yle.fi/uutiset/3-11652084?origin=rss The offences took place in the summer of 2019. On Tuesday the district court ordered those convicted to pay the bank a total of more than 276,000 euros in damages.

Delhi police arrested 17 people from a “Microsoft service centre”

www.tivi.fi/uutiset/tv/79cbdf6d-9551-46b5-b6ff-06a378686a75 According to information provided by the police, the group of scammers had already been defrauding people for a little over a year. The number of victims is reported as 2268 and the haul as just over 0.9 million euros. The main perpetrator, however, is said to have been in the business for three years already.

Researcher Discloses Critical RCE Flaws In Cisco Security Manager

thehackernews.com/2020/11/researcher-discloses-critical-rce-flaws.html Code White researcher Florian Hauser (frycos) yesterday publicly disclosed proof-of-concept (PoC) code for as many as 12 security vulnerabilities affecting the web interface of CSM that make it possible for an unauthenticated attacker to achieve remote code execution (RCE) attacks.

Chrome 87 released with fix for NAT Slipstream attacks

www.zdnet.com/article/chrome-87-released-with-fix-for-nat-slipstream-attacks-broader-ftp-deprecation/ Chrome 87 also comes with a fix for a new attack disclosed at the end of October by Samy Kamkar, a famous security researcher and computer hacker. Named NAT Slipstream, this technique allows attackers to bypass firewalls and make connections to internal networks by tricking users into accessing malicious sites, effectively turning Chrome into a proxy for attackers.

Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs

threatpost.com/some-apple-apps-on-macos-big-sur-bypass-content-filters-vpns/161295/ Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs. They say it is a liability that can be exploited by threat actors to bypass firewalls and give them access to people’s systems and expose their sensitive data.

Majority of Asia-Pacific region firms pay up in ransomware attacks

www.zdnet.com/article/majority-of-apac-firms-pay-up-in-ransomware-attacks/ Despite expert advice against paying up, most victims of ransomware attacks in the region, including 88% in Australia and 78% in Singapore, have paid the ransom in full or in part, and the number of such attacks is only going to keep climbing amidst accelerated digital transformation efforts and remote work. Upon experiencing a ransomware attack, 62% in China paid the ransom in full or in part, while 77% in India and 57% in Japan did likewise. Another 69% in South Korea paid the ransom in full or in part.

Microsoft reveals Pluton, a custom security chip built into Intel, AMD and Qualcomm processors

techcrunch.com/2020/11/17/microsoft-pluton-security-chip-intel-amd-qualcomm/ For the past two years, some of the world’s biggest chip makers have battled a series of hardware flaws, like Meltdown and Spectre, which made it possible, though not easy, to pluck passwords and other sensitive secrets directly from their processors. The chip makers rolled out patches, but required the companies to rethink how they approach chip security. Now, Microsoft thinks it has the answer with its new security chip, which it calls Pluton. The chip, announced today, is the brainchild of a partnership between Microsoft and chip makers Intel, AMD and Qualcomm.

More than 200 systems infected by new Chinese APT ‘FunnyDream’

www.zdnet.com/article/more-than-200-systems-infected-by-new-chinese-apt-funnydream/ The attacks have primarily targeted Southeast Asian governments. While Bitdefender has not named any victim countries, a report published earlier this spring by fellow security firm Kaspersky Lab has identified FunnyDream targets in Malaysia, Taiwan, and the Philippines, with the most victims being located in Vietnam.
