Daily NCSC-FI news followup 2020-12-18

National Security Auditing Criteria Katakri 2020 published

valtioneuvosto.fi/-/kansallinen-turvallisuusauditointikriteeristo-katakri-2020-julkaistu The National Security Authority (NSA) is publishing Katakri 2020, the national auditing criteria intended as a tool for auditing the information security of authorities, as an online version on 18 December 2020. The key driver behind the update work for the fourth version of Katakri has been responding to the changes in national legislation, which was renewed at the start of 2020. A printed publication and an English-language online version will be available in early 2021.

SolarWinds hackers breach US nuclear weapons agency

www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/ US DOE has confirmed that the hacking group behind the SolarWinds compromise also hacked the networks of the US nuclear weapons agency. At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission-essential national security functions of the Department, including the National Nuclear Security Administration (NNSA).

Sunburst’s C2 Secrets Reveal Second-Stage SolarWinds Victims

threatpost.com/sunburst-c2-secrets-rsolarwinds-victims/162426/ Examining the backdoor’s DNS communications led researchers to find a government agency and a big U.S. telco that were flagged for further exploitation in the spy campaign.

NSA warns of hackers forging cloud authentication information

www.bleepingcomputer.com/news/security/nsa-warns-of-hackers-forging-cloud-authentication-information/ NSA released the guidance “in response to ongoing cybersecurity events,” referring to the SolarWinds supply-chain attack that targeted private and government organizations in at least seven countries by Microsoft’s count. The two tactics, techniques, and procedures (TTPs) discussed in NSA’s advisory have been in use since at least 2017 and refer to forging Security Assertion Markup Language (SAML) tokens for single sign-on (SSO) authentication to other service providers. NSA Advisory PDF:

media.defense.gov/2020/Dec/17/2002554125/-1/-1/0/AUTHENTICATION_MECHANISMS_CSA_U_OO_198854_20.PDF

Europol launches new decryption platform for law enforcement

www.bleepingcomputer.com/news/security/europol-launches-new-decryption-platform-for-law-enforcement/ Europol and the European Commission have launched a new decryption platform that will help boost Europol’s ability to gain access to information stored in encrypted media collected during criminal investigations. The new decryption platform operated by Europol’s European Cybercrime Centre (EC3) was developed in collaboration with the European Commission’s Joint Research Centre science and knowledge service. “In full respect of fundamental rights and without limiting or weakening encryption, this initiative will be available to national law enforcement authorities of all Member States to help keep societies and citizens safe and secure,” Europol added.
