Daily NCSC-FI news followup 2020-11-19

Tahmaako netti? Liisa-myrskyn aiheuttamia tuhoja korjaillaan

www.tivi.fi/uutiset/tv/e78e181b-62f7-45cb-ac38-e30eee4f8017 Liisa-myrskyn aiheuttamat sähkökatkokset aiheuttavat parhaillaan häiriöitä matkapuhelinverkossa.

Accused Ringleader of FIN7 Hacking Group Pleads Guilty

www.bankinfosecurity.com/accused-ringleader-fin7-hacking-group-pleads-guilty-a-15397 Andrii Kolpakov, who is a Ukrainian national, pleaded guilty to charges of conspiracy to commit wire fraud and conspiracy to commit computer hacking. He faces up to a 25-year federal prison term and a $500, 000 fine when he’s sentenced, federal prosecutors note.

US Food-Supply Giant Americold Admits Cyberattack

threatpost.com/food-supply-americold-cyberattack/161402/ Americold is the largest cold-storage provider in the U.S., and it owns and operates 183 temperature-controlled warehouses globally, including in Argentina, Australia, Canada and New Zealand; and just acquired a similar company in Europe.

IoT Cybersecurity Improvement Act Passed in the US, Heads to President’s Desk

threatpost.com/iot-cybersecurity-improvement-act-passed/161396/ The IoT Cybersecurity Improvement Act has several different parts. First, it mandates that NIST must issue standards-based guidelines for the minimum security of IoT devices that are owned by the federal government. Under the law, federal agencies must also implement a vulnerability-disclosure policy for IoT devices, and they cannot procure devices that don’t meet the security guidelines.

The UK’s new offensive cyber unit takes on organised crime and hostile states

www.zdnet.com/article/new-cyber-force-will-take-the-fight-to-organised-crime-and-hostile-states/ The National Cyber Force draws together experts from intelligence agency GCHQ, the Ministry of Defence, the Defence Science and Technology Laboratory, and the Secret Intelligence Service – MI6 – which will provide its “expertise in recruiting and running agents alongside its unique ability to deliver clandestine operational technology”.

Evolution of Emotet: From Banking Trojan to Malware Distributor

thehackernews.com/2020/11/anyrun-emotet-malware-analysis.html Emotet is one of the most dangerous and widespread malware threats active today. Ever since its discovery in 2014when Emotet was a standard credential stealer and banking Trojan, the malware has evolved into a modular, polymorphic platform for distributing other kinds of computer viruses.

New Proposed DNS Security Features Released

www.darkreading.com/risk/new-proposed-dns-security-features-released/d/d-id/1339469?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple Verisign’s R&D team has developed new ways to authenticate and optimize DNS traffic on the client side of the domain-name resolution process.

Employee surveillance software demand increased as workers transitioned to home working

www.zdnet.com/article/employee-surveillance-software-demand-increased-as-workers-transitioned-to-home-working/ As people hunkered down to work from home during COVID-19, companies turned to employee surveillance software to track their staff. Of the most popular employee monitoring tools, 81% offer keystroke logging so that employers can see every click of the keyboard.

Meet the hackers who earn millions for saving the web: How bug bounties are changing cybersecurity

www.zdnet.com/article/meet-the-hackers-who-earn-millions-for-saving-the-web-how-bug-bounties-are-changing-cybersecurity/ These hackers are finding security bugs – and getting paid for it. That’s changing the dynamics of cybersecurity. According to HackerOne, which organised the events that Paxton-Fear attended and organises bug bounties for big businesses and government agencies, nine hackers have now earned more than $1m each in rewards for spotting vulnerabilities. Thirteen more have hit $500, 000 in lifetime earnings, and 146 hackers have now earned $100, 000 each.

You might be interested in …

Daily NCSC-FI news followup 2020-06-02

Varo tätä ilmiötä: huijarit tehtailevat oikeista konserttistriimeistä valetapahtumia, joiden avulla yritetään kalastaa luottokorttitietoja yle.fi/uutiset/3-11380829 Idea on yksinkertainen. Huijari luo aidon näköisen Facebook-eventin ja tarjoaa klikattavaksi linkkiä, jossa muka voisi ostaa lipun konserttistriimiin. Entä jos huomaa tulleensa huijatuksi? Miten toimia?. – Ihan ensimmäisenä ja aika nopeasti pitäisi ottaa yhteyttä pankkiin. Parhaassa tapauksessa sieltä pystytään vielä estämään […]

Read More

Daily NCSC-FI news followup 2020-09-17

Ransomware attack at German hospital leads to death of patient www.bleepingcomputer.com/news/security/ransomware-attack-at-german-hospital-leads-to-death-of-patient/ A person in a life-threatening condition passed away after being forced to go to a more distant hospital due to a ransomware attack. www.is.fi/digitoday/tietoturva/art-2000006638568.html Postin nimissä lähetettäviä huijaustekstiviestejä tulee suomalaisille hyvin aktiivisesti. Ilta-Sanomat Digitoday on saanut useita ilmoituksia viime viikonloppuna ja tällä viikolla lähetetyistä […]

Read More

Daily NCSC-FI news followup 2020-06-13

Fraudster gets maximum jail time for news site DDoS extortion www.bleepingcomputer.com/news/security/fraudster-gets-maximum-jail-time-for-news-site-ddos-extortion/ Iranian-born U.S. citizen Andrew Rakhshan, previously convicted in Canada for fraud, was sentenced to the maximum sentence of five years and ordered to pay over $500, 000 after being found guilty of launching several distributed denial of service (DDoS) attacks against news websites. Microsoft […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.