Daily NCSC-FI news followup 2020-12-22

Kyberturvallisuuskeskuksen uusi julkaisu: Opas tietomurtojen havaitsemiseen

www.kyberturvallisuuskeskus.fi/fi/julkaisut/opas-tietomurtojen-havaitsemiseen Tässä ohjeessa keskitytään erityisesti tietomurron havaitsemiseen lokitietojen avulla. Esimerkkeinä käytetään Windows Event Log – -­tapahtumalokeja tai muita Windows-­käyttöjärjestelmän lokitapahtumia. Valittuja esimerkkitapahtumia on havaittu tutkituissa tietomurroista tunkeutujien jäljiltä. PDF:

www.kyberturvallisuuskeskus.fi/sites/default/files/media/file/Opas-tietomurtojen-havaitsemiseen.pdf

SolarWinds hackers breached US Treasury officials’ email accounts

www.bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/ US Senator Ron Wyden said that dozens of US Treasury email accounts were compromised by the threat actors behind the SolarWinds hack. The statement was issued after the US Treasury Department and the Internal Revenue Service (IRS) briefed the Committee staff on the SolarWinds supply chain attack.

Microsoft Security Response Center: Solorigate Resource Center

msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/

Law enforcement take down three bulletproof VPN providers

www.zdnet.com/article/law-enforcement-take-down-three-bulletproof-vpn-providers/ Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims. The three services were active at insorg[.]org, safe-inet[.]com, and safe-inet[.]net before the domains were seized and replaced with law enforcement banners on Monday.

UK cryptocurrency exchange EXMO suffers breach, funds stolen

grahamcluley.com/uk-cryptocurrency-exchange-exmo-suffers-breach-funds-stolen/

Nosy Ex-Partners Armed with Instagram Passwords Pose a Serious Threat

threatpost.com/nosy-exes-passwords-serious-threat/162533/ Breakups can be traumatic in all sorts of ways. Now we know they can pose a serious cybersecurity threat too. A new survey found that an alarming number of people are still accessing their exes’ accounts without their knowledge a handful for malicious reasons. Get help for this: Disobey Outreach Guides – www.outrch.org/

Microsoft and McAfee headline newly-formed ‘Ransomware Task Force’

www.zdnet.com/article/microsoft-and-mcafee-headline-newly-formed-ransomware-task-force/ A group made up of 19 security firms, tech companies, and non-profits, headlined by big names such as Microsoft and McAfee, have announced on Monday plans to form a new coalition to deal with the rising threat of ransomware. The Ransomware Task Force website, including full membership details and leadership roles, will be launched next month, in January 2021, followed by a two-to-three month sprint to get the task force off the ground.

Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group

threatpost.com/tech-giants-lend-whatsapp-support-in-spyware-case-against-nso-group/162552/ Google, Microsoft, Cisco Systems and others want appeals court to deny immunity to Israeli company for its alleged distribution of spyware and illegal cyber-surveillance activities. Electronic Frontier Foundation (EFF) filed an amicus brief of its own to support WhatsApp, asserting that the case is not merely a battle of tech companies, but has a potential outcome that will have “profound implications for millions of Internet users and other citizens of countries around the world.”. Also:

venturebeat.com/2020/12/22/microsoft-and-google-join-facebooks-legal-battle-against-hacking-company-nso/

Cybersecurity errors at Nakatomi

www.kaspersky.com/blog/die-hard-cybersecurity/38169/ We examine the first installment in the Die Hard series from a cybersecurity standpoint.

You might be interested in …

Daily NCSC-FI news followup 2019-10-23

NCSC-UK Annual Review 2019 www.ncsc.gov.uk/news/annual-review-2019 Single-page version PDF: www.ncsc.gov.uk/files/NCSC_Annual%20Review_2019%20single%20pagination.pdf Virus Bulletin confernce 2019: Papers on Emotet and Ryuk www.virusbulletin.com/blog/2019/10/vb2019-papers-emotet-and-ryuk/ Targeted ransomware has become one of the biggest and most damaging cybercrime trends in recent years. ‘Targeted’ is a bit of a misnomer though: the operators of the ransomware rarely choose the victim organisations. Instead, they […]

Read More

Daily NCSC-FI news followup 2020-10-08

Saitko tekstiviestin Postin nimissä? Varothan, viesti voi olla huijaus www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/saitko-tekstiviestin-postin-nimissa-varothan-viesti-voi-olla-huijaus Päivitetty 07.10.2020 14:28. Uudessa huijaustyypissä tekstiviestillä lähetetystä linkistä aukeava kalastelusivu muuntautuu päätelaitteesi mukaan: iOS-laitteilta kalastellaan iCloud-tunnuksia, Androideille tarjotaan haitallista sovellusta (.apk-paketti). Android Users Beware: Delete These 240 Malicious Apps Now www.forbes.com/sites/kateoflahertyuk/2020/10/08/android-users-beware-delete-these-240-malicious-apps-now/ Android users need to check their devices today after security researchers revealed 240 malicious […]

Read More

Daily NCSC-FI news followup 2021-01-22

Weekly Threat Report 22nd January 2021 www.ncsc.gov.uk/report/weekly-threat-report-22nd-january-2021 The NCSC’s weekly threat report is drawn from recent open source reporting. A look at the NIS 2.0 Recitals cert.at/en/blog/2021/1/nis2-recitals-feedback Cyber Criminals Leave Stolen Phishing Credentials in Plain Sight blog.checkpoint.com/2021/01/21/cyber-criminals-leave-stolen-phishing-credentials-in-plain-sight/ Check Point Research recently joined forces with Otorio to analyze and take a deep dive into a large […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.