Daily NCSC-FI news followup 2021-01-05

Handbook to support healthcare cybersecurity in Finland; effects of the coronavirus crisis also covered

www.epressi.com/tiedotteet/terveys/kasikirja-tukemaan-terveydenhuollon-kyberturvallisuutta-suomessa-myos-koronakriisin-aikaisia-vaikutuksia-kasitelty.html Jyväskylän ammattikorkeakoulu (JAMK, the Jyväskylä University of Applied Sciences) has published a handbook on managing cyber incidents for healthcare operators. The publication helps healthcare organizations of different sizes develop their cyber incident management processes and operating guidelines.

SolarWinds: The more we learn, the worse it looks

www.zdnet.com/article/solarwinds-the-more-we-learn-the-worse-it-looks/ While you’ve been distracted by the holidays, coronavirus, and politics, the more we learn about the SolarWinds security fiasco, the worse it looks. Also:

www.schneier.com/blog/archives/2021/01/latest-on-the-svrs-solarwinds-hack.html

Australian cybersecurity agency used as cover in malware campaign

www.bleepingcomputer.com/news/security/australian-cybersecurity-agency-used-as-cover-in-malware-campaign/ The Australian Cyber Security Centre (ACSC) warns that some Australians are receiving phone calls or emails from scammers claiming to be ACSC employees and that the receiving person’s computer has been compromised. Also:

www.cyber.gov.au/acsc/view-all-content/alerts/phone-and-email-scammers-impersonating-acsc

Babuk Locker is the first new enterprise ransomware of 2021

www.bleepingcomputer.com/news/security/babuk-locker-is-the-first-new-enterprise-ransomware-of-2021/ Babuk Locker is a new ransomware operation that launched at the beginning of 2021 and has since amassed a small list of victims from around the world. From ransom negotiations with victims seen by BleepingComputer, demands range from $60,000 to $85,000 in Bitcoin.

Cross-platform ElectroRAT malware drains cryptocurrency wallets

www.bleepingcomputer.com/news/security/cross-platform-electrorat-malware-drains-cryptocurrency-wallets/ Security researchers have discovered a new remote access trojan (RAT) used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. Named ElectroRAT after being discovered in December, the cross-platform RAT malware is written in Golang and it was used as part of a campaign that has been targeting cryptocurrency users since the start of 2020. Also:

arstechnica.com/information-technology/2021/01/cryptocurrency-stealer-for-windows-macos-and-linux-went-undetected-for-a-year/ Also:

thehackernews.com/2021/01/warning-cross-platform-electrorat.html

Air-Fi is another path to stealing data from an isolated computer

www.kaspersky.com/blog/air-fi-data-exfiltration/38310/ Computers don’t necessarily need a Wi-Fi module to transmit information over Wi-Fi, Israeli researchers have found. A new study describes yet another way to extract data from an isolated computer, this time using Wi-Fi technology (hence the name Air-Fi).

North Korean software supply chain attack targets stock investors

www.bleepingcomputer.com/news/security/north-korean-software-supply-chain-attack-targets-stock-investors/ North Korean hacking group Thallium aka APT37 has targeted users of a private stock investment messenger service in a software supply chain attack, according to a report published this week. This week, ESTsecurity Security Response Center (ESRC) reported on a North Korean hacking group altering a private stock investment messaging application to ship malicious code.

Attacks targeting healthcare organizations spike globally as COVID-19 cases rise again

blog.checkpoint.com/2021/01/05/attacks-targeting-healthcare-organizations-spike-globally-as-covid-19-cases-rise-again/ At the end of October 2020, we reported that hospitals and healthcare organizations had been targeted by a rising wave of ransomware attacks, with the majority of attacks using the infamous Ryuk ransomware. This followed a Joint Cybersecurity Advisory issued by the CISA, FBI and HHS, which warned of an increased and imminent cybercrime threat to US hospitals and healthcare providers. Also:

www.bleepingcomputer.com/news/security/ryuk-ransomware-is-the-top-threat-for-the-healthcare-sector/ Also:

thehackernews.com/2021/01/healthcare-industry-witnessed-45-spike.html

Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

thehackernews.com/2021/01/google-speech-to-text-api-can-help.html A three-year-old attack technique to bypass Google’s audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. Also:

incolumitas.com/2021/01/02/breaking-audio-recaptcha-with-googles-own-speech-to-text-api/

NSA shares guidance, tools to mitigate weak encryption protocols

www.bleepingcomputer.com/news/security/nsa-shares-guidance-tools-to-mitigate-weak-encryption-protocols/ The National Security Agency (NSA) has shared guidance on how to detect and replace outdated Transport Layer Security (TLS) protocol versions with up-to-date and secure variants. The US intelligence agency also highlights the dangers of using deprecated TLS, including both the risk of sensitive data exposure and decryption of network traffic in man-in-the-middle attacks.
