Nordean tietomurrosta kahdelle vankeutta yhden syytteet hylättiin Pohjanmaan käräjäoikeudessa
yle.fi/uutiset/3-11652084?origin=rss Rikokset ajoittuivat kesään 2019. Käräjäoikeus määräsi tiistaina tuomitut maksamaan pankille yhteensä yli 276 000 euroa vahingonkorvauksia.
Delhin poliisi pidätti 17 ihmistä “Microsoftin palvelukeskuksesta”
www.tivi.fi/uutiset/tv/79cbdf6d-9551-46b5-b6ff-06a378686a75 Poliisin antamien tietojen mukaan huijariporukka oli ehtinyt petkuttaa ihmisiä jo runsaan vuoden ajan. Uhrien määräksi kerrotaan 2268 ja saaliiksi runsaat 0, 9 miljoonaa euroa. Päätekijän kuitenkin sanotaan olleen alalla jo kolmen vuoden ajan.
Researcher Discloses Critical RCE Flaws In Cisco Security Manager
thehackernews.com/2020/11/researcher-discloses-critical-rce-flaws.html Code White researcher Florian Hauser (frycos) yesterday publicly disclosed proof-of-concept (PoC) code for as many as 12 security vulnerabilities affecting the web interface of CSM that makes it possible for an unauthenticated attacker to achieve remote code execution (RCE) attacks.
Chrome 87 released with fix for NAT Slipstream attacks
www.zdnet.com/article/chrome-87-released-with-fix-for-nat-slipstream-attacks-broader-ftp-deprecation/ Chrome 87 also comes with a fix for a new attack disclosed at the end of October by Samy Kamkar, a famous security researcher and computer hacker. Named NAT Slipstream, this technique allows attackers to bypass firewalls and make connections to internal networks by tricking users into accessing malicious sites effectively turning Chrome into a proxy for attackers.
Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs
threatpost.com/some-apple-apps-on-macos-big-sur-bypass-content-filters-vpns/161295/ Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs. They say it is a liability that can be exploited by threat actors to bypass firewalls and give them access to people’s systems and expose their sensitive data.
Majority of Asia-Pacific region firms pay up in ransomware attacks
www.zdnet.com/article/majority-of-apac-firms-pay-up-in-ransomware-attacks/ Despite expert advice against paying up, most victims of ransomware attacks in the region including 88% in Australia and 78% in Singapore have paid the ransom in full or in part, and the number of such attacks is only going to keep climbing amidst accelerated digital transformation efforts and remote work. Upon experiencing a ransomware attack, 62% in China paid the ransom in full or in part, while 77% in India and 57% in Japan did likewise. Another 69% in South Korea paid the ransom in full or in part.
Microsoft reveals Pluton, a custom security chip built into Intel, AMD and Qualcomm processors
techcrunch.com/2020/11/17/microsoft-pluton-security-chip-intel-amd-qualcomm/ For the past two years, some of the world’s biggest chip makers have battled a series of hardware flaws, like Meltdown and Spectre, which made it possible though not easy to pluck passwords and other sensitive secrets directly from their processors. The chip makers rolled out patches, but required the companies to rethink how they approach chip security. Now, Microsoft thinks it has the answer with its new security chip, which it calls Pluton. The chip, announced today, is the brainchild of a partnership between Microsoft and chip makers Intel, AMD and Qualcomm.
More than 200 systems infected by new Chinese APT ‘FunnyDream’
www.zdnet.com/article/more-than-200-systems-infected-by-new-chinese-apt-funnydream/ The attacks have primarily targeted Southeast Asian governments. While Bitdefender has not named any victim countries, a report published earlier this spring by fellow security firm Kaspersky Lab has identified FunnyDream targets in Malaysia, Taiwan, and the Philippines, with the most victims being located in Vietnam.