Daily NCSC-FI news followup 2020-12-29

Kyberisku plastiikkakirurgiseen sairaalaan kiristäjät uhkaavat julkaista intiimikuvat

www.is.fi/digitoday/tietoturva/art-2000007709054.html Britanniassa paljastunut hyökkäys on uusi esimerkki siitä, miten ihmisten arkaluonteiset tiedot voivat päätyä kiristysmateriaaliksi. Asiasta kertoo BBC.

Japanese Aerospace Firm Kawasaki Warns of Data Breach

threatpost.com/japanese-aerospace-firm-kawasaki-warns-of-data-breach/162642/ The Japanese aerospace manufacturer said that starting in June, overseas unauthorized access to its servers may have compromised customer data.

US Treasury warns of ransomware targeting COVID-19 vaccine research

www.bleepingcomputer.com/news/security/us-treasury-warns-of-ransomware-targeting-covid-19-vaccine-research/ The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warned financial institutions of ransomware actively targeting vaccine research organizations.

Voyager cryptocurrency broker halted trading due to cyberattack

www.bleepingcomputer.com/news/security/voyager-cryptocurrency-broker-halted-trading-due-to-cyberattack/ The Voyager cryptocurrency brokerage platform halted trading yesterday after suffering a cyberattack targeting their DNS configuration.

ANALYZING APT19 MALWARE USING A STEP-BY-STEP METHOD

cybergeeks.tech/analyzing-apt19-malware-using-a-step-by-step-method/ In this blog post were presenting a full analysis of a DLL backdoor also reported publicly as Derusbi. This particular piece of malware is associated with the actor known as APT19 (Codoso, C0d0so, Sunshop Group).

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

thehackernews.com/2020/12/a-google-docs-bug-could-have-allowed.html Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website.

Eduskunnan tietoturvaohjeiden periaatteet kunnossa perehtyminen saattaa kiireessä unohtua

www.karjalainen.fi/uutiset/uutis-alueet/kotimaa/item/269543 Eduskunnan tietoturvaohjeistusta päivitetään jatkuvasti, ja myös koulutusta tietosuojaan ja tietoturvaan liittyvistä asioista on tarjolla. Koulutusta halutaan lisätä, jotta kaikkien kansanedustajien, heidän avustajiensa ja eduskunnan muunkin henkilökunnan valveutuneisuus saadaan riittävälle tasolle.

Daily NCSC-FI news followup 2020-11-12

Two New Chrome 0-Days Under Active Attacks Update Your Browser thehackernews.com/2020/11/two-new-chrome-0-days-under-active.html Google has patched two more zero-day flaws in the Chrome web browser for desktop, making it the fourth and fifth actively exploited vulnerabilities addressed by the search giant in recent weeks. Lisäksi: chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html. Lisäksi: www.zdnet.com/article/google-patches-two-more-chrome-zero-days/. Lisäksi: us-cert.cisa.gov/ncas/current-activity/2020/11/12/google-releases-security-updates-chrome. Lisäksi: threatpost.com/2-zero-day-bugs-google-chrome/161160/ DNS cache poisoning, the Internet […]

Daily NCSC-FI news followup 2020-09-19

5 ways cybercriminals can try to extort you www.welivesecurity.com/2020/09/18/five-cybercriminals-extortion-schemes/ When it comes to coercing people into parting with their money, cybercriminals seem to have an endless bag of tricks to choose from. There are some tricks, that they favor more than others, one of which is extortion. According to the FBIs latest Internet Crime Report, […]

Daily NCSC-FI news followup 2020-06-30

Yes, Apple/Google COVID-19 Tracking Is Now On Your PhoneHere’s The Problem www.forbes.com/sites/zakdoffman/2020/06/29/serious-new-blow-for-apple-and-google-as-covid-19-phone-tracking-is-rejected/ Australia has now rejected the Apple and Google framework embedded in the latest versions of Android and iOS, deciding to keep its COVIDSafe app independent. The reason is simple, the Apple/Google model “fundamentally changes the locus of control and takes out the middle […]