Kyberturvallisuuskeskuksen uusi julkaisu: Opas tietomurtojen havaitsemiseen
www.kyberturvallisuuskeskus.fi/fi/julkaisut/opas-tietomurtojen-havaitsemiseen Tässä ohjeessa keskitytään erityisesti tietomurron havaitsemiseen lokitietojen avulla. Esimerkkeinä käytetään Windows Event Log – -tapahtumalokeja tai muita Windows-käyttöjärjestelmän lokitapahtumia. Valittuja esimerkkitapahtumia on havaittu tutkituissa tietomurroista tunkeutujien jäljiltä. PDF:
www.kyberturvallisuuskeskus.fi/sites/default/files/media/file/Opas-tietomurtojen-havaitsemiseen.pdf
SolarWinds hackers breached US Treasury officials’ email accounts
www.bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/ US Senator Ron Wyden said that dozens of US Treasury email accounts were compromised by the threat actors behind the SolarWinds hack. The statement was issued after the US Treasury Department and the Internal Revenue Service (IRS) briefed the Committee staff on the SolarWinds supply chain attack.
Microsoft Security Response Center: Solorigate Resource Center
msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/
Law enforcement take down three bulletproof VPN providers
www.zdnet.com/article/law-enforcement-take-down-three-bulletproof-vpn-providers/ Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims. The three services were active at insorg[.]org, safe-inet[.]com, and safe-inet[.]net before the domains were seized and replaced with law enforcement banners on Monday.
UK cryptocurrency exchange EXMO suffers breach, funds stolen
grahamcluley.com/uk-cryptocurrency-exchange-exmo-suffers-breach-funds-stolen/
Nosy Ex-Partners Armed with Instagram Passwords Pose a Serious Threat
threatpost.com/nosy-exes-passwords-serious-threat/162533/ Breakups can be traumatic in all sorts of ways. Now we know they can pose a serious cybersecurity threat too. A new survey found that an alarming number of people are still accessing their exes’ accounts without their knowledge a handful for malicious reasons. Get help for this: Disobey Outreach Guides – www.outrch.org/
Microsoft and McAfee headline newly-formed ‘Ransomware Task Force’
www.zdnet.com/article/microsoft-and-mcafee-headline-newly-formed-ransomware-task-force/ A group made up of 19 security firms, tech companies, and non-profits, headlined by big names such as Microsoft and McAfee, have announced on Monday plans to form a new coalition to deal with the rising threat of ransomware. The Ransomware Task Force website, including full membership details and leadership roles, will be launched next month, in January 2021, followed by a two-to-three month sprint to get the task force off the ground.
Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group
threatpost.com/tech-giants-lend-whatsapp-support-in-spyware-case-against-nso-group/162552/ Google, Microsoft, Cisco Systems and others want appeals court to deny immunity to Israeli company for its alleged distribution of spyware and illegal cyber-surveillance activities. Electronic Frontier Foundation (EFF) filed an amicus brief of its own to support WhatsApp, asserting that the case is not merely a battle of tech companies, but has a potential outcome that will have “profound implications for millions of Internet users and other citizens of countries around the world.”. Also:
Cybersecurity errors at Nakatomi
www.kaspersky.com/blog/die-hard-cybersecurity/38169/ We examine the first installment in the Die Hard series from a cybersecurity standpoint.