Daily NCSC-FI news followup 2020-12-22

Kyberturvallisuuskeskuksen uusi julkaisu: Opas tietomurtojen havaitsemiseen

www.kyberturvallisuuskeskus.fi/fi/julkaisut/opas-tietomurtojen-havaitsemiseen Tässä ohjeessa keskitytään erityisesti tietomurron havaitsemiseen lokitietojen avulla. Esimerkkeinä käytetään Windows Event Log – -­tapahtumalokeja tai muita Windows-­käyttöjärjestelmän lokitapahtumia. Valittuja esimerkkitapahtumia on havaittu tutkituissa tietomurroista tunkeutujien jäljiltä. PDF:

www.kyberturvallisuuskeskus.fi/sites/default/files/media/file/Opas-tietomurtojen-havaitsemiseen.pdf

SolarWinds hackers breached US Treasury officials’ email accounts

www.bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/ US Senator Ron Wyden said that dozens of US Treasury email accounts were compromised by the threat actors behind the SolarWinds hack. The statement was issued after the US Treasury Department and the Internal Revenue Service (IRS) briefed the Committee staff on the SolarWinds supply chain attack.

Microsoft Security Response Center: Solorigate Resource Center

msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/

Law enforcement take down three bulletproof VPN providers

www.zdnet.com/article/law-enforcement-take-down-three-bulletproof-vpn-providers/ Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims. The three services were active at insorg[.]org, safe-inet[.]com, and safe-inet[.]net before the domains were seized and replaced with law enforcement banners on Monday.

UK cryptocurrency exchange EXMO suffers breach, funds stolen

grahamcluley.com/uk-cryptocurrency-exchange-exmo-suffers-breach-funds-stolen/

Nosy Ex-Partners Armed with Instagram Passwords Pose a Serious Threat

threatpost.com/nosy-exes-passwords-serious-threat/162533/ Breakups can be traumatic in all sorts of ways. Now we know they can pose a serious cybersecurity threat too. A new survey found that an alarming number of people are still accessing their exes’ accounts without their knowledge a handful for malicious reasons. Get help for this: Disobey Outreach Guides – www.outrch.org/

Microsoft and McAfee headline newly-formed ‘Ransomware Task Force’

www.zdnet.com/article/microsoft-and-mcafee-headline-newly-formed-ransomware-task-force/ A group made up of 19 security firms, tech companies, and non-profits, headlined by big names such as Microsoft and McAfee, have announced on Monday plans to form a new coalition to deal with the rising threat of ransomware. The Ransomware Task Force website, including full membership details and leadership roles, will be launched next month, in January 2021, followed by a two-to-three month sprint to get the task force off the ground.

Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group

threatpost.com/tech-giants-lend-whatsapp-support-in-spyware-case-against-nso-group/162552/ Google, Microsoft, Cisco Systems and others want appeals court to deny immunity to Israeli company for its alleged distribution of spyware and illegal cyber-surveillance activities. Electronic Frontier Foundation (EFF) filed an amicus brief of its own to support WhatsApp, asserting that the case is not merely a battle of tech companies, but has a potential outcome that will have “profound implications for millions of Internet users and other citizens of countries around the world.”. Also:

venturebeat.com/2020/12/22/microsoft-and-google-join-facebooks-legal-battle-against-hacking-company-nso/

Cybersecurity errors at Nakatomi

www.kaspersky.com/blog/die-hard-cybersecurity/38169/ We examine the first installment in the Die Hard series from a cybersecurity standpoint.

You might be interested in …

Daily NCSC-FI news followup 2020-12-13

Exclusive: U.S. Treasury breached by hackers backed by foreign government – sources www.reuters.com/article/us-usa-cyber-amazon-com-exclsuive-idUSKBN28N0PG A sophisticated hacking group backed by a foreign government stole information from the U.S. Treasury Department and a U.S. agency responsible for deciding policy around the internet and telecommunications, according to people familiar with the matter. “The United States government is aware […]

Read More

Daily NCSC-FI news followup 2020-04-22

Google Sees State-Sponsored Hackers Ramping Up Coronavirus Attacks www.wired.com/story/google-state-sponsored-hackers-coronavirus-phishing-malware/ More than 12 government-backed groups are using the pandemic as cover for digital reconnaissance and espionage, according to a new report. Report: blog.google/technology/safety-security/threat-analysis-group/findings-covid-19-and-online-security-threats/ Chinese Agents Helped Spread Messages That Sowed Virus Panic in U.S., Officials Say www.nytimes.com/2020/04/22/us/politics/coronavirus-china-disinformation.html American officials were alarmed by fake text messages and […]

Read More

Daily NCSC-FI news followup 2020-06-14

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/ For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.