Daily NCSC-FI news followup 2020-12-29

Kyberisku plastiikkakirurgiseen sairaalaan kiristäjät uhkaavat julkaista intiimikuvat

www.is.fi/digitoday/tietoturva/art-2000007709054.html Britanniassa paljastunut hyökkäys on uusi esimerkki siitä, miten ihmisten arkaluonteiset tiedot voivat päätyä kiristysmateriaaliksi. Asiasta kertoo BBC.

Japanese Aerospace Firm Kawasaki Warns of Data Breach

threatpost.com/japanese-aerospace-firm-kawasaki-warns-of-data-breach/162642/ The Japanese aerospace manufacturer said that starting in June, overseas unauthorized access to its servers may have compromised customer data.

US Treasury warns of ransomware targeting COVID-19 vaccine research

www.bleepingcomputer.com/news/security/us-treasury-warns-of-ransomware-targeting-covid-19-vaccine-research/ The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warned financial institutions of ransomware actively targeting vaccine research organizations.

Voyager cryptocurrency broker halted trading due to cyberattack

www.bleepingcomputer.com/news/security/voyager-cryptocurrency-broker-halted-trading-due-to-cyberattack/ The Voyager cryptocurrency brokerage platform halted trading yesterday after suffering a cyberattack targeting their DNS configuration.

ANALYZING APT19 MALWARE USING A STEP-BY-STEP METHOD

cybergeeks.tech/analyzing-apt19-malware-using-a-step-by-step-method/ In this blog post were presenting a full analysis of a DLL backdoor also reported publicly as Derusbi. This particular piece of malware is associated with the actor known as APT19 (Codoso, C0d0so, Sunshop Group).

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

thehackernews.com/2020/12/a-google-docs-bug-could-have-allowed.html Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website.

Eduskunnan tietoturvaohjeiden periaatteet kunnossa perehtyminen saattaa kiireessä unohtua

www.karjalainen.fi/uutiset/uutis-alueet/kotimaa/item/269543 Eduskunnan tietoturvaohjeistusta päivitetään jatkuvasti, ja myös koulutusta tietosuojaan ja tietoturvaan liittyvistä asioista on tarjolla. Koulutusta halutaan lisätä, jotta kaikkien kansanedustajien, heidän avustajiensa ja eduskunnan muunkin henkilökunnan valveutuneisuus saadaan riittävälle tasolle.

You might be interested in …

Daily NCSC-FI news followup 2020-05-22

Ragnar Locker ransomware deploys virtual machine to dodge security news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/ A new ransomware attack method takes defense evasion to a new leveldeploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine.. […]

Read More

Daily NCSC-FI news followup 2020-12-24

Windows zero-day with bad patch gets new public exploit code www.bleepingcomputer.com/news/security/windows-zero-day-with-bad-patch-gets-new-public-exploit-code/ Back in June, Microsoft released a fix for a vulnerability in the Windows operating system that enabled attackers to increase their permissions to kernel level on a compromised machine. The patch did not stick.. The issue, which advanced hackers exploited as a zero-day in […]

Read More

Daily NCSC-FI news followup 2019-07-05

Google Chrome to Unload Heavy Ads With Intensive Resource Usage www.bleepingcomputer.com/news/google/google-chrome-to-unload-heavy-ads-with-intensive-resource-usage/ Google is currently working on adding a new feature to the Chrome web browser designed to automatically unload ads which use an outrageous amount of system resources in an effort to shrink the browser’s CPU and network footprint. Samsung Update App with 10M+ Installs […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.