Journalist Aarno Malin obtained information for the police to use in the hunt for the Vastaamo extortionist; received 32,000 patient records on his computer
www.mtvuutiset.fi/artikkeli/toimittaja-aarno-malin-hankki-poliisille-vastaamo-kiristajan-jahdissa-kaytettavia-tietoja-sai-koneelleen-32-000-potilaskertomusta/8002876 The hunt for the Vastaamo extortionist has mobilized a large number of people across different sectors of society. Journalist Aarno Malin is one of those whose help has brought information about the extortionist to the authorities as part of the investigation.
Italian police arrest two over hacking at defence group Leonardo
www.reuters.com/article/idUSL8N2IL08W A manager and a former employee of Leonardo were arrested on Saturday for their alleged role in hacking the Italian defence group’s computers to steal sensitive information between 2015 and 2017, prosecutors in the southern city of Naples said.
Threat Roundup for November 27 to December 4
blogs.cisco.com/security/talos/threat-roundup-1127-1204 Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between November 27 and December 4. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.
A new type of scam call is circulating worldwide; calls to Finland also use a new trick
www.is.fi/digitoday/tietoturva/art-2000007661525.html Spoofed calls that appear to come from tax authorities' numbers have become a real problem in Australia.
Ransomware gangs are now cold-calling victims if they restore from backups without paying
www.zdnet.com/article/ransomware-gangs-are-now-cold-calling-victims-if-they-restore-from-backups-without-paying/ Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
Ransomware hits helicopter maker Kopter
www.zdnet.com/article/ransomware-hits-helicopter-maker-kopter/ Data from Kopter’s internal network has been published on the LockBit gang’s blog, hosted on the dark web.
How to avert an evil-maid attack
www.kaspersky.com/blog/evil-maid-attack/37901/ Protect your corporate computer from unauthorized physical access. In theory, a pro can compromise a device in 3 to 4 minutes, but that sort of thing tends to occur when the computer is left unattended and unlocked (or not password-protected). But even with basic security measures in place, an evil-maid attack still has a chance. The easiest and most reliable way to guard against evil-maid attacks is to keep your device where only you can access it. Don’t leave it in a hotel room if you can help it, for example. If your employees have to go on business trips with work laptops, however, here are some steps you can take to mitigate the risk: a) Deploy temporary laptops with no access to critical corporate systems or work data, and then format the hard drive and reinstall the operating system after each trip; b) Require employees to turn off work laptops that must be left unattended; c) Encrypt the hard drives of any computers that leave the office building; d) Use security solutions that block suspicious outgoing traffic; e) Ensure your security solution detects BadUSB attacks; f) Update all software, especially the operating system, in a timely manner; g) Restrict direct access to device memory through FireWire, Thunderbolt, PCI, and PCI Express ports on every device that allows it.
Top 20 Predictions Of How AI Is Going To Improve Cybersecurity In 2021
www.forbes.com/sites/louiscolumbus/2020/12/05/top-20-predictions-of-how-ai-is-going-to-improve-cybersecurity-in-2021/ Bottom Line: In 2021, cybersecurity vendors will accelerate AI and machine learning app development to combine human and machine insights so they can out-innovate attackers intent on escalating an AI-based arms race.
The Week in Ransomware – December 4th 2020 – Education under attack
www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-4th-2020-education-under-attack/ Egregor was very active this week, with attacks on Kmart, Metro Vancouver’s transit system TransLink, and the Randstad staffing agency. Education was also hit hard this week, with Baltimore County Public Schools (BCPS) still recovering from last week’s attack and Huntsville City Schools district in Alabama shutting down for a week due to an attack. In addition to public school systems, Ryuk attacked online education giant K12 Inc, who paid the ransom to prevent students’ data from being leaked. Finally, the Clop ransomware gang showed that they don’t only breach networks to steal your files and encrypt your data. The threat actors also deploy other ransomware, such as POS malware, to steal credit cards.
“Hundreds of millions of users at risk”: a vulnerability haunts many Android apps
www.is.fi/digitoday/tietoturva/art-2000007661541.html Many developers have left a serious vulnerability unpatched, and users may pay dearly for it.
Heightened Awareness for Iranian Cyber Activity
us-cert.cisa.gov/ncas/current-activity/2020/12/03/heightened-awareness-iranian-cyber-activity Iranian cyber threat actors have been continuously improving their offensive cyber capabilities. They continue to engage in more conventional offensive cyber activities ranging from website defacement, distributed denial of service (DDoS) attacks, and theft of personally identifiable information (PII), to more advanced activities, including social media-driven influence operations, destructive malware, and, potentially, cyber-enabled kinetic attacks.
Campaign to help online Christmas shoppers fight festive fraud
www.ncsc.gov.uk/news/cyber-aware-aiding-christmas-shopping The NCSC launches a new Cyber Aware campaign aimed at helping people shop securely online this Christmas.
Weekly Threat Report 4th December 2020
www.ncsc.gov.uk/report/weekly-threat-report-4th-december-2020 The NCSC’s weekly threat report is drawn from recent open source reporting.