Daily NCSC-FI news followup 2021-01-05

Käsikirja tukemaan terveydenhuollon kyberturvallisuutta Suomessa myös koronakriisin aikaisia vaikutuksia käsitelty

www.epressi.com/tiedotteet/terveys/kasikirja-tukemaan-terveydenhuollon-kyberturvallisuutta-suomessa-myos-koronakriisin-aikaisia-vaikutuksia-kasitelty.html Jyväskylän ammattikorkeakoulu (JAMK) on julkaissut käsikirjan kyberhäiriöiden hallintaan terveydenhuollon toimijoille. Julkaisu auttaa eri kokoisia terveydenhuollon organisaatioita kehittämään kyberhäiriöiden hallinnan prosesseja ja toimintaohjeita.

SolarWinds: The more we learn, the worse it looks

www.zdnet.com/article/solarwinds-the-more-we-learn-the-worse-it-looks/ While you’ve been distracted by the holidays, coronavirus, and politics, the more we learn about the SolarWinds security fiasco, the worse it looks. Lisäksi:

www.schneier.com/blog/archives/2021/01/latest-on-the-svrs-solarwinds-hack.html

Australian cybersecurity agency used as cover in malware campaign

www.bleepingcomputer.com/news/security/australian-cybersecurity-agency-used-as-cover-in-malware-campaign/ The Australian Cyber Security Centre (ACSC) warns some Australians are receiving phone calls or emails from scammers claiming to be ACSC employees and that the receiving person’s computer has been compromised, ” the cybersecurity agency warned. Lisäksi:

www.cyber.gov.au/acsc/view-all-content/alerts/phone-and-email-scammers-impersonating-acsc

Babuk Locker is the first new enterprise ransomware of 2021

www.bleepingcomputer.com/news/security/babuk-locker-is-the-first-new-enterprise-ransomware-of-2021/ Babuk Locker is a new ransomware operation that launched at the beginning of 2021 and has since amassed a small list of victims from around the world. From ransom negotiations with victims seen by BleepingComputer, demands range from $60, 000 to $85, 000 in Bitcoin.

Cross-platform ElectroRAT malware drains cryptocurrency wallets

www.bleepingcomputer.com/news/security/cross-platform-electrorat-malware-drains-cryptocurrency-wallets/ Security researchers have discovered a new remote access trojan (RAT) used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. Named ElectroRAT after being discovered in December, the cross-platform RAT malware is written in Golang and it was used as part of a campaign that has been targeting cryptocurrency users since the start of 2020. Lisäksi:

arstechnica.com/information-technology/2021/01/cryptocurrency-stealer-for-windows-macos-and-linux-went-undetected-for-a-year/. Lisäksi:

thehackernews.com/2021/01/warning-cross-platform-electrorat.html

Air-Fi is another path to stealing data from an isolated computer

www.kaspersky.com/blog/air-fi-data-exfiltration/38310/ Computers don’t necessarily need a Wi-Fi module to transmit information over Wi-Fi, Israeli researchers have found. A new study describes yet another way to extract data from an isolated computer, this time using Wi-Fi technology (hence the name Air-Fi).

North Korean software supply chain attack targets stock investors

www.bleepingcomputer.com/news/security/north-korean-software-supply-chain-attack-targets-stock-investors/ North Korean hacking group Thallium aka APT37 has targeted users of a private stock investment messenger service in a software supply chain attack, according to a report published this week. This week, ESTsecurity Security Response Center (ESRC) reported on North Korean hacking group altering a private stock investment messaging application to ship malicious code.

Attacks targeting healthcare organizations spike globally as COVID-19 cases rise again

blog.checkpoint.com/2021/01/05/attacks-targeting-healthcare-organizations-spike-globally-as-covid-19-cases-rise-again/ At the end of October 2020, we reported that hospitals and healthcare organizations had been targeted by a rising wave of ransomware attacks, with the majority of attacks using the infamous Ryuk ransomware. This followed a Joint Cybersecurity Advisory issued by the CISA, FBI and HHS, which warned of an increased and imminent cybercrime threat to US hospitals and healthcare providers. Lisäksi:

www.bleepingcomputer.com/news/security/ryuk-ransomware-is-the-top-threat-for-the-healthcare-sector/. Lisäksi:

thehackernews.com/2021/01/healthcare-industry-witnessed-45-spike.html

Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

thehackernews.com/2021/01/google-speech-to-text-api-can-help.html A three-year-old attack technique to bypass Google’s audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. Lisäksi:

incolumitas.com/2021/01/02/breaking-audio-recaptcha-with-googles-own-speech-to-text-api/

NSA shares guidance, tools to mitigate weak encryption protocols

www.bleepingcomputer.com/news/security/nsa-shares-guidance-tools-to-mitigate-weak-encryption-protocols/ The National Security Agency (NSA) has shared guidance on how to detect and replace outdated Transport Layer Security (TLS) protocol versions with up to date and secure variants. The US intelligence agency also highlights the dangers behind using deprecated TLS including both risks of sensitive data exposure and decryption of network traffic in man-in-the-middle attacks.

You might be interested in …

Daily NCSC-FI news followup 2019-12-29

UK Government exposes addresses of new year honours recipients www.theguardian.com/uk-news/2019/dec/28/government-exposes-addresses-of-new-year-honours-recipients More than 1,000 celebrities, government employees and politicians recognized in the U.K.’s traditional New Year’s Honours list this year “have had their home and work addresses posted on a government website.” IoT vendor Wyze confirms server leak www.zdnet.com/article/iot-vendor-wyze-confirms-server-leak/ Wyze, a company that sells smart devices […]

Read More

Daily NCSC-FI news followup 2021-06-10

Ministeri Harakka: Panostus kriittisten toimialojen tietoturvaan ja tietosuojaan on investointi tulevaisuuteen www.lvm.fi/-/ministeri-harakka-panostus-kriittisten-toimialojen-tietoturvaan-ja-tietosuojaan-on-investointi-tulevaisuuteen-1376154 Valtioneuvosto vahvisti 10. kesäkuuta 2021 periaatepäätöksen, jolla linjataan toimia yhteiskunnan kriittisten toimialojen tietoturvan ja tietosuojan tason parantamiseksi. Periaatepäätöksen linjaukset perustuvat asiaa selvittäneen poikkihallinnollisen työryhmän ehdotuksiin. Jättimäinen huijausaalto pyyhkii Suomea Varo tekstiviestejä! www.iltalehti.fi/tietoturva/a/ffdd91fc-4435-4ce8-ab6a-6a47d69bc1d4 Nyt Kyberturvallisuuskeskus varoittaa uusista huijausviesteistä, jotka liittyvät todennäköisesti samaan haittaohjelmaan. Kotimaisista […]

Read More

Daily NCSC-FI news followup 2019-12-10

Venäjä käytti kahta eri vakoilukampanjaa tärvelläkseen Ranskan vaalit: Macronin toimisto sumutti vakoojia vitseillä www.hs.fi/ulkomaat/art-2000006337940.html Venäjän tiedustelu yritti sotkea Emmanuel Macronin vaalivoiton kahdella eri verkkovakoilukampanjalla. Kampanjaväki sumutti vakoojia jakamalla heille väärää tietoa. Snatch Ransomware Reboots to Windows Safe Mode to Bypass AV Tools www.bleepingcomputer.com/news/security/snatch-ransomware-reboots-to-windows-safe-mode-to-bypass-av-tools/ Researchers discovered a new Snatch ransomware strain that will reboot computers it […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.