Daily NCSC-FI news followup 2020-11-22

February 2021s Most Wanted Malware: Trickbot Takes Over Following Emotet Shutdown blog.checkpoint.com/2021/03/11/february-2021s-most-wanted-malware-trickbot-takes-over-following-emotet-shutdown/ Check Point Research reports that following the international police operation that took control of Emotet in January, Trickbot has become the new top global threat used by cybercriminals. Our latest Global Threat Index for February 2021 has revealed that the Trickbot trojan has […]

Emotet-haittaohjelmaa levitetään aktiivisesti Suomessa www.kyberturvallisuuskeskus.fi/fi/emotet-haittaohjelmaa-levitetaan-aktiivisesti-suomessa Emotet-haittaohjelmaa levitetään sähköpostitse suomalaisten organisaatioiden nimissä. Haittaohjelmahyökkäyksen tarkoituksena on varastaa organisaatioista tietoja, ja samalla hyökkäyksellä on mahdollista tunkeutua verkkoon syvemmälle ja käynnistää esimerkiksi kiristyshaittaohjelmahyökkäys. Hyökkäyskampanja on näkynyt aktiivisena 17.8.2020 alkaen.. see also www.is.fi/digitoday/tietoturva/art-2000006605860.html World’s largest cruise line operator discloses ransomware attack www.zdnet.com/article/worlds-largest-cruise-line-operator-discloses-ransomware-attack/ Carnival Corp says it suffered a ransomware attack […]

Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency www.wired.com/story/russias-fancy-bear-hack-us-federal-agency/ New clues indicate that APT28 may be behind a mysterious intrusion that US officials disclosed last week. MAR-10303705-1.v1 Remote Access Trojan: SLOTHFULMEDIA us-cert.cisa.gov/ncas/analysis-reports/ar20-275a The sample is a dropper, which deploys two files when executed. The first is a remote access tool (RAT) named mediaplayer.exe”, […]