Daily NCSC-FI news followup 2021-01-02

The Week in Ransomware – January 1st 2021 – New Year Edition

www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-1st-2021-new-year-edition/ This holiday edition cover the latest ransomware news from the past two weeks, including known ransomware attacks and law enforcement takedowns. Over the past two weeks, we have seen ransomware attacks on scent and flavor designed Symrise, FreePBX developer Sangoma, trucking giant Air Forward, and home appliance maker Whirlpool,

Extracting Security Products from SUNBURST DNS Beacons

www.netresec.com/?page=Blog&month=2020-12&post=Extracting-Security-Products-from-SUNBURST-DNS-Beacons The latest version of our SunburstDomainDecoder (v1.7) can be used to reveal which endpoint protection applications that are installed on trojanized SolarWinds Orion deployments. The security application info is extracted from DNS queries for “avsvmcloud.com” subdomains, which is used by SUNBURST as a beacon and C2 channel.

Koronavilkku-sovellus yhteentoimivaksi muiden EU/Eta-maiden sovellusten kanssa

stm.fi/-/koronavilkku-sovellus-yhteentoimivaksi-muiden-eu-eta-maiden-sovellusten-kanssa Koronavilkku-sovelluksesta tulee yhteentoimiva muissa EU/Eta-maissa tai Sveitsissä kehitettyjen sovellusten kanssa. Päivitys tulee loppiaisen jälkeen. Lisäksi:

www.is.fi/digitoday/mobiili/art-2000007712308.html

Revenge RAT targeting users in South America

www.uptycs.com/blog/revenge-rat-targeting-users-in-south-america The Uptycs threat research team recently came across multiple document samples that download Revenge RAT. The campaign currently seems to be active in Brazil.

Pirate Site Search Traffic Tanked Following Google Updates

torrentfreak.com/pirate-site-search-traffic-tanked-following-google-updates-210101/ Pirate sites lost quite a bit of traffic in 2020. A detailed analysis of the yearly trend shows that visitors from search engines dropped by roughly a third. Interestingly, it appears that Google’s algorithm updates did most of the damage.

You might be interested in …

Daily NCSC-FI news followup 2020-09-13

BLINDSIDE – A Speculative Execution Attack www.vusec.net/projects/blindside/ BlindSide allows attackers to hack blind in the Spectre era. That is, given a simple buffer overflow in the kernel and no additional info leak vulnerability, BlindSide can mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory […]

Read More

Daily NCSC-FI news followup 2020-09-24

#InstaHack: how researchers were able to take over the Instagram App using a malicious image blog.checkpoint.com/2020/09/24/instahack-how-researchers-were-able-to-take-over-the-instagram-app-using-a-malicious-image/ Instagram is one of the most popular social media platforms globally, with over 100+ million photos uploaded every day, and nearly 1 billion monthly active users. Individuals and companies share photos and messages about their lives and products to […]

Read More

Daily NCSC-FI news followup 2019-11-08

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it? www.theregister.co.uk/2019/11/07/ubiquiti_networks_phone_home/ Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.. It all kicked off when the US-based manufacturer confirmed that a software update released this […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.