Daily NCSC-FI news followup 2020-12-26

SolarWinds releases updated advisory for new SUPERNOVA malware

www.bleepingcomputer.com/news/security/solarwinds-releases-updated-advisory-for-new-supernova-malware/ SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company’s network management platform.. see also

www.solarwinds.com/securityadvisory. and

kb.cert.org/vuls/id/843464

Apple iCloud outage prevents device activations, access to data

www.bleepingcomputer.com/news/apple/apple-icloud-outage-prevents-device-activations-access-to-data/ Apple users are experiencing problems setting up new devices or accessing files stored on the cloud due to an ongoing iCloud outage that has lasted for more than 24 hours.

Security News This Week: Bulletproof Criminal VPN Taken Down in Global Sting

www.wired.com/story/security-news-bulletproof-criminal-vpn-taken-down/ Plus: Dozens of reporters get hit by an iMessage exploit, continued fallout from the SolarWinds hack, and more of the weeks top security news.

Huijauksista varoitus kaikuu kuuroille korville: joka viides työntekijä menee lankaan

www.tivi.fi/uutiset/tv/5b33e124-8ddc-4896-9354-be5f3c329d86 Vuosi 2020 on ollut erittäin vilkas erilaisten huijausyritysten ja tietojenkalastelun osalta. Google on raportoinut yli kahdesta miljoonasta tietojenkalastelusivustosta, jotka on havaittu kuluneena vuonna. Vuonna 2020 havaittiin viikossa keskimäärin 46 000 uutta huijaussivustoa.

Daily NCSC-FI news followup 2019-12-28

U.S. Coast Guard Says Ryuk Ransomware Took Down Maritime Facility www.bleepingcomputer.com/news/security/us-coast-guard-says-ryuk-ransomware-took-down-maritime-facility/ The systems encrypted by Ryuk Ransomware directly impacted the facility’s “entire corporate IT network (beyond the footprint of the facility)” [emphasis ours] and physical access and camera control systems, and it also led to “loss of critical process control monitoring systems.” Ransomware Hits Maastricht […]

Daily NCSC-FI news followup 2021-07-27

Microsoft Teams now automatically blocks phishing attempts www.bleepingcomputer.com/news/security/microsoft-teams-now-automatically-blocks-phishing-attempts/ Microsoft has extended Defender for Office 365 Safe Links protection to Microsoft Teams to safeguard users from malicious URL-based phishing attacks.. This added protection couldn’t have come at a better time, seeing that, based on Microsoft’s stats, the Microsoft Teams userbase has exploded over the last 18 […]

Daily NCSC-FI news followup 2020-03-28

Two zero days are Targeting DrayTek Broadband CPE Devices blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en/ rom December 4, 2019, 360Netlab Threat Detection System has observed two different attack groups using two 0-day vulnerabilities of DrayTek[1] Vigor enterprise routers and switch devices to conduct a series of attacks, including eavesdropping on devices network traffic, running SSH services on high ports, creating […]