Daily NCSC-FI news followup 2021-01-10

Eilakaisla hit by cyberattack, personal data leak not ruled out

www.hs.fi/kotimaa/art-2000007731435.html Staffing services company Eilakaisla was the target of a cyberattack over the weekend. The company announced on Sunday that, because of an attack carried out with ransomware on Friday, Eilakaisla's server stopped working that day. As a result of the attack, it is possible that the personal data of job seekers and employees, as well as customers' billing information, has been compromised. Also:

yle.fi/uutiset/3-11730761

www.is.fi/digitoday/tietoturva/art-2000007731487.html

How should defence against cyber threats be developed?

www.tivi.fi/uutiset/tv/1cfc4f24-2da5-4a3a-9d86-26f9f0898f81 Kirsi Karlamaa, Director General, Traficom. Let us purposefully develop expertise, training, cooperation, a strong domestic cyber industry, and partial cyber self-sufficiency. Cybersecurity is everyone's business. There is no single silver bullet.

Apple removed Parler from the App Store for inciting violence

www.bleepingcomputer.com/news/apple/apple-removed-parler-from-the-app-store-for-inciting-violence/ Apple has removed the Parler social network app from the App Store for violating policies, including not providing an updated moderation plan or an updated app with objectionable content removed. Since the U.S. Capitol Building riot on January 6th, 2021, there has been an increase in social networking posts that incite violence against politicians, law enforcement, and organizations that supporters.

Maldoc Analysis With CyberChef

isc.sans.edu/forums/diary/Maldoc+Analysis+With+CyberChef/26968/ In diary entry “Maldoc Strings Analysis” I show how to analyze a malicious document, by extracting and decoding strings with command-line tools. In this video, I analyze the same malicious Word document, using CyberChef only. This is possible, because this particular maldoc contains a very long string with the payload, and this string can be extracted without parsing the structure of this .doc file.

New Zealand Reserve Bank suffers data breach via hacked storage partner

www.bleepingcomputer.com/news/security/new-zealand-reserve-bank-suffers-data-breach-via-hacked-storage-partner/ The Reserve Bank of New Zealand, known as Te Pūtea Matua, has suffered a data breach after threat actors hacked a third-party hosting partner. The Reserve Bank is the central bank of New Zealand and is responsible for creating monetary policy to stabilize prices in the country. On January 10th, the Reserve Bank disclosed that they had suffered a data breach after attackers illegally accessed data stored at a third-party hosting provider.
