Daily NCSC-FI news followup 2020-12-25

SUNBURST Additional Technical Details

www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html FireEye has discovered additional details about the SUNBURST backdoor since our initial publication on Dec. 13, 2020. Before diving into the technical depth of this malware, we recommend readers familiarize themselves with our blog post about the SolarWinds supply chain compromise, which revealed a global intrusion campaign by a sophisticated threat actor we are currently tracking as UNC2452.

CrowdStrike releases free Azure security tool after failed hack

www.bleepingcomputer.com/news/security/crowdstrike-releases-free-azure-security-tool-after-failed-hack/ Leading cybersecurity firm CrowdStrike was notified by Microsoft that threat actors had attempted to read the company’s emails through compromised by Microsoft Azure credentials.. see also


CISA Releases Free Detection Tool for Azure/M365 Environment

us-cert.cisa.gov/ncas/current-activity/2020/12/24/cisa-releases-free-detection-tool-azurem365-environment CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool is intended for use by incident responders and is narrowly focused on activity that is endemic to the recent identity- and authentication-based attacks seen in multiple sectors.. The tool: github.com/cisagov/Sparrow

Russian crypto-exchange Livecoin hacked after it lost control of its servers

www.zdnet.com/article/russian-crypto-exchange-livecoin-hacked-after-it-lost-control-of-its-servers/ Hackers gained access to the Livecoin portal and modified exchange rates to 10-15 times their normal values.

Microsoft, Citrix Help Form New Task Force To Take On Global Ransomware Scourge

www.forbes.com/sites/leemathews/2020/12/24/microsoft-citrix-help-form-new-task-force-to-take-on-global-ransomware-scourge/ Ransomware has plagued computer networks around the world for more than a decade and a half. For many, an attack can seem inevitable a matter of when and not if. The Ransomware Task Force has formed to change all that.

You might be interested in …

Daily NCSC-FI news followup 2019-07-22

Fuzz rising www.cloudatomiclab.com/fuzz/ – From the Debian stats, of the billion or so lines of code, 43% is ANSI C and 24% is C++ which has many of the same problems in many codebases. So 670 million lines of code, in general without enough maintainers to deal with the existing and coming waves of security […]

Read More

Daily NCSC-FI news followup 2020-11-03

Tietoturvan suunnannäyttäjä -tunnustuksen voittajat tekevät korvaamatonta työtä yhteiskunnan kyberturvallisuuden hyväksi www.epressi.com/tiedotteet/teknologia/tietoturvan-suunnannayttaja-tunnustuksen-voittajat-tekevat-korvaamatonta-tyota-yhteiskunnan-kyberturvallisuuden-hyvaksi.html Tietoturvan suunnannäyttäjä -tunnustus jaettiin 3.11.2020 Liikenne- ja viestintävirasto Traficomin Kyberturvallisuuskeskuksen ja Huoltovarmuuskeskuksen vuosittaisessa tietoturvaseminaarissa. Tunnustuksen saivat Jouko Katainen (Ilmarinen), Jussi Törhönen (Enfo), Tomi Vehkasalo (Aditro) ja Jani Räty (Aditro) tunnustuksena aktiivisesta yhteistyöstä Traficomin Kyberturvallisuuskeskuksen kanssa. Lue myös: www.tivi.fi/uutiset/tv/7d1639eb-94bc-452a-ab6b-0058bb0cbb51 Vastaamon tietomurto aiheutti vyöryn: viikossa tehty […]

Read More

Daily NCSC-FI news followup 2020-11-28

Europol and partners thwart massive credit card fraud scheme www.welivesecurity.com/2020/11/27/europol-partners-thwart-credit-card-fraud-scheme/ Europol and several national law enforcement agencies have teamed up to disrupt trade in stolen credit card data on the dark web, ultimately preventing around 40 million (US$48 million) in losses for both consumers and financial organizations. The operation, dubbed Carding Action 2020, was carried […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.