Daily NCSC-FI news followup 2021-01-05

Käsikirja tukemaan terveydenhuollon kyberturvallisuutta Suomessa myös koronakriisin aikaisia vaikutuksia käsitelty

www.epressi.com/tiedotteet/terveys/kasikirja-tukemaan-terveydenhuollon-kyberturvallisuutta-suomessa-myos-koronakriisin-aikaisia-vaikutuksia-kasitelty.html Jyväskylän ammattikorkeakoulu (JAMK) on julkaissut käsikirjan kyberhäiriöiden hallintaan terveydenhuollon toimijoille. Julkaisu auttaa eri kokoisia terveydenhuollon organisaatioita kehittämään kyberhäiriöiden hallinnan prosesseja ja toimintaohjeita.

SolarWinds: The more we learn, the worse it looks

www.zdnet.com/article/solarwinds-the-more-we-learn-the-worse-it-looks/ While you’ve been distracted by the holidays, coronavirus, and politics, the more we learn about the SolarWinds security fiasco, the worse it looks. Lisäksi:

www.schneier.com/blog/archives/2021/01/latest-on-the-svrs-solarwinds-hack.html

Australian cybersecurity agency used as cover in malware campaign

www.bleepingcomputer.com/news/security/australian-cybersecurity-agency-used-as-cover-in-malware-campaign/ The Australian Cyber Security Centre (ACSC) warns some Australians are receiving phone calls or emails from scammers claiming to be ACSC employees and that the receiving person’s computer has been compromised, ” the cybersecurity agency warned. Lisäksi:

www.cyber.gov.au/acsc/view-all-content/alerts/phone-and-email-scammers-impersonating-acsc

Babuk Locker is the first new enterprise ransomware of 2021

www.bleepingcomputer.com/news/security/babuk-locker-is-the-first-new-enterprise-ransomware-of-2021/ Babuk Locker is a new ransomware operation that launched at the beginning of 2021 and has since amassed a small list of victims from around the world. From ransom negotiations with victims seen by BleepingComputer, demands range from $60, 000 to $85, 000 in Bitcoin.

Cross-platform ElectroRAT malware drains cryptocurrency wallets

www.bleepingcomputer.com/news/security/cross-platform-electrorat-malware-drains-cryptocurrency-wallets/ Security researchers have discovered a new remote access trojan (RAT) used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. Named ElectroRAT after being discovered in December, the cross-platform RAT malware is written in Golang and it was used as part of a campaign that has been targeting cryptocurrency users since the start of 2020. Lisäksi:

arstechnica.com/information-technology/2021/01/cryptocurrency-stealer-for-windows-macos-and-linux-went-undetected-for-a-year/. Lisäksi:

thehackernews.com/2021/01/warning-cross-platform-electrorat.html

Air-Fi is another path to stealing data from an isolated computer

www.kaspersky.com/blog/air-fi-data-exfiltration/38310/ Computers don’t necessarily need a Wi-Fi module to transmit information over Wi-Fi, Israeli researchers have found. A new study describes yet another way to extract data from an isolated computer, this time using Wi-Fi technology (hence the name Air-Fi).

North Korean software supply chain attack targets stock investors

www.bleepingcomputer.com/news/security/north-korean-software-supply-chain-attack-targets-stock-investors/ North Korean hacking group Thallium aka APT37 has targeted users of a private stock investment messenger service in a software supply chain attack, according to a report published this week. This week, ESTsecurity Security Response Center (ESRC) reported on North Korean hacking group altering a private stock investment messaging application to ship malicious code.

Attacks targeting healthcare organizations spike globally as COVID-19 cases rise again

blog.checkpoint.com/2021/01/05/attacks-targeting-healthcare-organizations-spike-globally-as-covid-19-cases-rise-again/ At the end of October 2020, we reported that hospitals and healthcare organizations had been targeted by a rising wave of ransomware attacks, with the majority of attacks using the infamous Ryuk ransomware. This followed a Joint Cybersecurity Advisory issued by the CISA, FBI and HHS, which warned of an increased and imminent cybercrime threat to US hospitals and healthcare providers. Lisäksi:

www.bleepingcomputer.com/news/security/ryuk-ransomware-is-the-top-threat-for-the-healthcare-sector/. Lisäksi:

thehackernews.com/2021/01/healthcare-industry-witnessed-45-spike.html

Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

thehackernews.com/2021/01/google-speech-to-text-api-can-help.html A three-year-old attack technique to bypass Google’s audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. Lisäksi:

incolumitas.com/2021/01/02/breaking-audio-recaptcha-with-googles-own-speech-to-text-api/

NSA shares guidance, tools to mitigate weak encryption protocols

www.bleepingcomputer.com/news/security/nsa-shares-guidance-tools-to-mitigate-weak-encryption-protocols/ The National Security Agency (NSA) has shared guidance on how to detect and replace outdated Transport Layer Security (TLS) protocol versions with up to date and secure variants. The US intelligence agency also highlights the dangers behind using deprecated TLS including both risks of sensitive data exposure and decryption of network traffic in man-in-the-middle attacks.

You might be interested in …

Daily NCSC-FI news followup 2020-08-28

Is China the World’s Greatest Cyber Power? www.darkreading.com/threat-intelligence/is-china-the-worlds-greatest-cyber-power/d/d-id/1338778 The nation’s aggressive approach to using cyber operations to achieve political and national aims has set its cyber strategy apart from the more cautious and considered approaches of most other nations. Attackers linked to China have vacuumed up personally identifiable information on US and European citizens, stolen […]

Read More

Daily NCSC-FI news followup 2020-04-14

Koronan ja 5g:n yhdistävä salaliittoteoria leviää nyt tukiasemat palavat Hollannissa www.is.fi/digitoday/mobiili/art-2000006474027.html Tuhopoltoiksi epäillyt tukiasemapalot levisivät Britanniasta Hollantiin. Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminalswith no conscience and empathyare continuously targeting healthcare organizations, research facilities, and other governmental […]

Read More

Daily NCSC-FI news followup 2021-01-10

Eilakaisla joutui kyber­hyökkäyksen kohteeksi henkilö­tietojen vuoto ei pois suljettua www.hs.fi/kotimaa/art-2000007731435.html Henkilöstöpalvelualan yritys Eilakaisla joutui viikonloppuna kyberhyökkäyksen kohteeksi. Yritys tiedotti sunnuntaina, että kiristyshaittaohjelmalla perjantaina tehdyn hyökkäyksen vuoksi Eilakaislan palvelin lakkasi sinä päivänä toimimasta. Hyökkäyksen takia on mahdollista, että työnhakijoiden ja työntekijöiden henkilötietoja sekä asiakkaiden laskutustietoja on vaarantunut.. Myös: yle.fi/uutiset/3-11730761. www.is.fi/digitoday/tietoturva/art-2000007731487.html Miten kyber­uhkien torjuntaa pitäisi kehittää? www.tivi.fi/uutiset/tv/1cfc4f24-2da5-4a3a-9d86-26f9f0898f81 […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.