Daily NCSC-FI news followup 2020-11-17

Nordean tietomurrosta kahdelle vankeutta yhden syytteet hylättiin Pohjanmaan käräjäoikeudessa

yle.fi/uutiset/3-11652084?origin=rss Rikokset ajoittuivat kesään 2019. Käräjäoikeus määräsi tiistaina tuomitut maksamaan pankille yhteensä yli 276 000 euroa vahingonkorvauksia.

Delhin poliisi pidätti 17 ihmistä “Microsoftin palvelukeskuksesta”

www.tivi.fi/uutiset/tv/79cbdf6d-9551-46b5-b6ff-06a378686a75 Poliisin antamien tietojen mukaan huijariporukka oli ehtinyt petkuttaa ihmisiä jo runsaan vuoden ajan. Uhrien määräksi kerrotaan 2268 ja saaliiksi runsaat 0, 9 miljoonaa euroa. Päätekijän kuitenkin sanotaan olleen alalla jo kolmen vuoden ajan.

Researcher Discloses Critical RCE Flaws In Cisco Security Manager

thehackernews.com/2020/11/researcher-discloses-critical-rce-flaws.html Code White researcher Florian Hauser (frycos) yesterday publicly disclosed proof-of-concept (PoC) code for as many as 12 security vulnerabilities affecting the web interface of CSM that makes it possible for an unauthenticated attacker to achieve remote code execution (RCE) attacks.

Chrome 87 released with fix for NAT Slipstream attacks

www.zdnet.com/article/chrome-87-released-with-fix-for-nat-slipstream-attacks-broader-ftp-deprecation/ Chrome 87 also comes with a fix for a new attack disclosed at the end of October by Samy Kamkar, a famous security researcher and computer hacker. Named NAT Slipstream, this technique allows attackers to bypass firewalls and make connections to internal networks by tricking users into accessing malicious sites effectively turning Chrome into a proxy for attackers.

Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs

threatpost.com/some-apple-apps-on-macos-big-sur-bypass-content-filters-vpns/161295/ Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs. They say it is a liability that can be exploited by threat actors to bypass firewalls and give them access to people’s systems and expose their sensitive data.

Majority of Asia-Pacific region firms pay up in ransomware attacks

www.zdnet.com/article/majority-of-apac-firms-pay-up-in-ransomware-attacks/ Despite expert advice against paying up, most victims of ransomware attacks in the region including 88% in Australia and 78% in Singapore have paid the ransom in full or in part, and the number of such attacks is only going to keep climbing amidst accelerated digital transformation efforts and remote work. Upon experiencing a ransomware attack, 62% in China paid the ransom in full or in part, while 77% in India and 57% in Japan did likewise. Another 69% in South Korea paid the ransom in full or in part.

Microsoft reveals Pluton, a custom security chip built into Intel, AMD and Qualcomm processors

techcrunch.com/2020/11/17/microsoft-pluton-security-chip-intel-amd-qualcomm/ For the past two years, some of the world’s biggest chip makers have battled a series of hardware flaws, like Meltdown and Spectre, which made it possible though not easy to pluck passwords and other sensitive secrets directly from their processors. The chip makers rolled out patches, but required the companies to rethink how they approach chip security. Now, Microsoft thinks it has the answer with its new security chip, which it calls Pluton. The chip, announced today, is the brainchild of a partnership between Microsoft and chip makers Intel, AMD and Qualcomm.

More than 200 systems infected by new Chinese APT ‘FunnyDream’

www.zdnet.com/article/more-than-200-systems-infected-by-new-chinese-apt-funnydream/ The attacks have primarily targeted Southeast Asian governments. While Bitdefender has not named any victim countries, a report published earlier this spring by fellow security firm Kaspersky Lab has identified FunnyDream targets in Malaysia, Taiwan, and the Philippines, with the most victims being located in Vietnam.

You might be interested in …

Daily NCSC-FI news followup 2020-10-27

Uusi työkalu johdolle kyberuhkien hallintaan www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/uusi-tyokalu-johdolle-kyberuhkien-hallintaan Liikenne- ja viestintävirasto Traficomin Kyberturvallisuuskeskuksen kehittämä Kybermittari auttaa yritysjohtoa saamaan kyberriskit kattavammin hallintaan ja turvaamaan liiketoiminnan jatkuvuuden. DN: Suuri tietomurto ruotsalaiseen turvallisuusalan yritykseen, verkkoon on vuodettu muun muassa pankki­holvien piirustuksia www.hs.fi/ulkomaat/art-2000006700788.html Ruotsalaiseen, kansainvälisesti toimivaan turvallisuusalan yhtiöön on tehty mittava tietomurto, jossa verkkoon on vuodettu esimerkiksi pankkiholvien piirustuksia ja hälytysjärjestelmien […]

Read More

Daily NCSC-FI news followup 2020-05-14

Spam campaign: Netwire RAT via paste.ee and MS Excel to German users www.gdatasoftware.com/blog/netwire-rat-via-pasteee-and-ms-excel G DATA discovered an email spam campaign in Germany that delivers NetWire RAT via PowerShell in Excel documents. The emails mimick the German courier, parcel and express mail service DHL. Sodinokibi drops greatest hits collection, and crime is the secret ingredient blog.malwarebytes.com/cybercrime/2020/05/sodinokibi-drops-greatest-hits-collection-and-crime-is-the-secret-ingredient/ […]

Read More

Daily NCSC-FI news followup 2020-01-15

Hainan Xiandun Technology Company is APT40 intrusiontruth.wordpress.com/2020/01/15/hainan-xiandun-technology-company-is-apt40/ You knew where this was heading. Facebook to notify users of third-party app logins www.zdnet.com/article/facebook-to-notify-users-of-third-party-app-logins/ Facebook launched a new feature this week that will notify users whenever they (or somebody else) logs into a third-party app or website using their Facebook account. Have an iPhone? Use it to […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.