Daily NCSC-FI news followup 2020-12-29

Kyberisku plastiikkakirurgiseen sairaalaan kiristäjät uhkaavat julkaista intiimikuvat

www.is.fi/digitoday/tietoturva/art-2000007709054.html Britanniassa paljastunut hyökkäys on uusi esimerkki siitä, miten ihmisten arkaluonteiset tiedot voivat päätyä kiristysmateriaaliksi. Asiasta kertoo BBC.

Japanese Aerospace Firm Kawasaki Warns of Data Breach

threatpost.com/japanese-aerospace-firm-kawasaki-warns-of-data-breach/162642/ The Japanese aerospace manufacturer said that starting in June, overseas unauthorized access to its servers may have compromised customer data.

US Treasury warns of ransomware targeting COVID-19 vaccine research

www.bleepingcomputer.com/news/security/us-treasury-warns-of-ransomware-targeting-covid-19-vaccine-research/ The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warned financial institutions of ransomware actively targeting vaccine research organizations.

Voyager cryptocurrency broker halted trading due to cyberattack

www.bleepingcomputer.com/news/security/voyager-cryptocurrency-broker-halted-trading-due-to-cyberattack/ The Voyager cryptocurrency brokerage platform halted trading yesterday after suffering a cyberattack targeting their DNS configuration.

ANALYZING APT19 MALWARE USING A STEP-BY-STEP METHOD

cybergeeks.tech/analyzing-apt19-malware-using-a-step-by-step-method/ In this blog post were presenting a full analysis of a DLL backdoor also reported publicly as Derusbi. This particular piece of malware is associated with the actor known as APT19 (Codoso, C0d0so, Sunshop Group).

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

thehackernews.com/2020/12/a-google-docs-bug-could-have-allowed.html Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website.

Eduskunnan tietoturvaohjeiden periaatteet kunnossa perehtyminen saattaa kiireessä unohtua

www.karjalainen.fi/uutiset/uutis-alueet/kotimaa/item/269543 Eduskunnan tietoturvaohjeistusta päivitetään jatkuvasti, ja myös koulutusta tietosuojaan ja tietoturvaan liittyvistä asioista on tarjolla. Koulutusta halutaan lisätä, jotta kaikkien kansanedustajien, heidän avustajiensa ja eduskunnan muunkin henkilökunnan valveutuneisuus saadaan riittävälle tasolle.

Daily NCSC-FI news followup 2019-06-10

Email attacks are on the rise www.itproportal.com/news/email-attacks-are-on-the-rise/ The number of organisations that use email security as part of their threat defences is actually shrinking, new figures from Cisco are showing. The Cisco 2019 Cybersecurity Series says that this year, 41 per cent of organisations have this type of security set up, down from 56 per […]

Daily NCSC-FI news followup 2020-06-26

Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards threatpost.com/cardplanet-operator-sentenced-stolen-credit-cards/156956/ The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases. Developer of Mirai, Qbot-based DDoS botnets jailed for 13 months www.bleepingcomputer.com/news/security/developer-of-mirai-qbot-based-ddos-botnets-jailed-for-13-months/ A 22-year-old Washington man was sentenced to 13 months in prison for renting and developing Mirai […]

Daily NCSC-FI news followup 2020-07-29

www.zdnet.com/article/hacker-gang-behind-garmin-attack-doesnt-have-a-history-of-stealing-user-data ‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-systems-using-grub2-and-secure-boot The vulnerability, codenamed BootHole, allows attackers to tamper with the boot-loading process that precedes starting up the actual operating system (OS). Lisäksi: kb.cert.org/vuls/id/174059 ja www.openwall.com/lists/oss-security/2020/07/29/3. Lisäksi: www.bleepingcomputer.com/news/security/boothole-grub-bootloader-bug-lets-hackers-hide-malware-in-linux-windows/ ja www.theregister.com/2020/07/29/grub2_code_exec_flaw/ ja eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ APT reports – APT trends report Q2 2020 securelist.com/apt-trends-report-q2-2020/97937/ For […]