Kansallinen turvallisuusauditointikriteeristö Katakri 2020 julkaistu
valtioneuvosto.fi/-/kansallinen-turvallisuusauditointikriteeristo-katakri-2020-julkaistu Kansallisen turvallisuusviranomainen NSA julkaisee Katakri 2020:n, eli viranomaisten tietoturvallisuuden auditointityökaluksi tarkoitetun kansallisen auditointikriteeristön 18.joulukuuta 2020 verkkoversiona.. Katakrin neljännen version päivitystyön taustalla keskeisimpänä tekijänä on ollut vastaaminen 2020 alusta uusiutuneen kansallisen lainsäädännön muutoksiin.. Painettu julkaisu ja englanninkielinen verkkoversio on saatavilla vuoden 2021 alkupuolella.
SolarWinds hackers breach US nuclear weapons agency
www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/ US DOE has confirmed that the hacking group behind the SolarWinds compromise also hacked the networks of the US nuclear weapons agency. At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission-essential national security functions of the Department, including the National Nuclear Security Administration (NNSA)
Sunburst’s C2 Secrets Reveal Second-Stage SolarWinds Victims
threatpost.com/sunburst-c2-secrets-rsolarwinds-victims/162426/ Examining the backdoor’s DNS communications led researchers to find a government agency and a big U.S. telco that were flagged for further exploitation in the spy campaign.
NSA warns of hackers forging cloud authentication information
www.bleepingcomputer.com/news/security/nsa-warns-of-hackers-forging-cloud-authentication-information/ NSA released the guidance “in response to ongoing cybersecurity events, ” referring to SolarWinds supply-chain attack that targeted private and government organizations in at least seven countries by Microsoft’s count. The two tactics, techniques, and procedures (TTPs) discussed in NSA’s advisory have been in use since at least 2017 and refer to forging Security Assertion Markup Language (SAML) tokens for single sign-on (SSO) authentication to other service providers. NSA Advisory PDF:
media.defense.gov/2020/Dec/17/2002554125/-1/-1/0/AUTHENTICATION_MECHANISMS_CSA_U_OO_198854_20.PDF
Europol launches new decryption platform for law enforcement
www.bleepingcomputer.com/news/security/europol-launches-new-decryption-platform-for-law-enforcement/ Europol and the European Commission have launched a new decryption platform that will help boost Europol’s ability to gain access to information stored in encrypted media collected during criminal investigations. The new decryption platform operated by Europol’s European Cybercrime Centre (EC3) was developed in collaboration with the European Commission’s Joint Research Centre science and knowledge service. “In full respect of fundamental rights and without limiting or weakening encryption, this initiative will be available to national law enforcement authorities of all Member States to help keep societies and citizens safe and secure, ” the Europol added.
