Daily NCSC-FI news followup 2020-12-18

Kansallinen turvallisuusauditointikriteeristö Katakri 2020 julkaistu

valtioneuvosto.fi/-/kansallinen-turvallisuusauditointikriteeristo-katakri-2020-julkaistu Kansallisen turvallisuusviranomainen NSA julkaisee Katakri 2020:n, eli viranomaisten tietoturvallisuuden auditointityökaluksi tarkoitetun kansallisen auditointikriteeristön 18.joulukuuta 2020 verkkoversiona.. Katakrin neljännen version päivitystyön taustalla keskeisimpänä tekijänä on ollut vastaaminen 2020 alusta uusiutuneen kansallisen lainsäädännön muutoksiin.. Painettu julkaisu ja englanninkielinen verkkoversio on saatavilla vuoden 2021 alkupuolella.

SolarWinds hackers breach US nuclear weapons agency

www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/ US DOE has confirmed that the hacking group behind the SolarWinds compromise also hacked the networks of the US nuclear weapons agency. At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission-essential national security functions of the Department, including the National Nuclear Security Administration (NNSA)

Sunburst’s C2 Secrets Reveal Second-Stage SolarWinds Victims

threatpost.com/sunburst-c2-secrets-rsolarwinds-victims/162426/ Examining the backdoor’s DNS communications led researchers to find a government agency and a big U.S. telco that were flagged for further exploitation in the spy campaign.

NSA warns of hackers forging cloud authentication information

www.bleepingcomputer.com/news/security/nsa-warns-of-hackers-forging-cloud-authentication-information/ NSA released the guidance “in response to ongoing cybersecurity events, ” referring to SolarWinds supply-chain attack that targeted private and government organizations in at least seven countries by Microsoft’s count. The two tactics, techniques, and procedures (TTPs) discussed in NSA’s advisory have been in use since at least 2017 and refer to forging Security Assertion Markup Language (SAML) tokens for single sign-on (SSO) authentication to other service providers. NSA Advisory PDF:

media.defense.gov/2020/Dec/17/2002554125/-1/-1/0/AUTHENTICATION_MECHANISMS_CSA_U_OO_198854_20.PDF

Europol launches new decryption platform for law enforcement

www.bleepingcomputer.com/news/security/europol-launches-new-decryption-platform-for-law-enforcement/ Europol and the European Commission have launched a new decryption platform that will help boost Europol’s ability to gain access to information stored in encrypted media collected during criminal investigations. The new decryption platform operated by Europol’s European Cybercrime Centre (EC3) was developed in collaboration with the European Commission’s Joint Research Centre science and knowledge service. “In full respect of fundamental rights and without limiting or weakening encryption, this initiative will be available to national law enforcement authorities of all Member States to help keep societies and citizens safe and secure, ” the Europol added.

You might be interested in …

Daily NCSC-FI news followup 2021-10-02

Conti gang threatens to dump victim data if ransom negotiations leak to reporters therecord.media/conti-gang-threatens-to-dump-victim-data-if-ransom-negotiations-leak-to-reporters/ The Conti ransomware gang has published a rare public statement today threatening hacked companies that they will leak their stolen files if details or screenshots of the ransom negotiations process are leaked to journalists. US unites 30 countries to disrupt global […]

Read More

Daily NCSC-FI news followup 2020-02-12

Valentines & Chocolate Dont Always Equal Love blog.checkpoint.com/2020/02/12/valentines-chocolate-dont-always-equal-love/ With Valentines Day approaching, lovers around the world are working on finding the best way to celebrate with their loved ones. Meanwhile cyber criminals around the world also seem to be caught up in the spirit of this unique day. Over the past 2 years, Check Point […]

Read More

Daily NCSC-FI news followup 2021-09-23

KRP varoittaa ovelasta Omakanta-huijauksesta toimi näin suojautuaksesi www.is.fi/digitoday/tietoturva/art-2000008285667.html Poliisi kehottaa noudattamaan varovaisuutta pankkitunnuksilla sähköiseen palveluun kirjauduttaessa. VoIP company battles massive ransom DDoS attack www.zdnet.com/article/voip-company-battles-massive-ransom-ddos-attack/ VoIP company battles massive ransom DDoS attack. katso myös www.is.fi/digitoday/art-2000008284709.html FamousSparrow: A suspicious hotel guest www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/ ESET researchers have uncovered a new cyberespionage group targeting hotels, governments, and private companies worldwide. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.