Daily NCSC-FI news followup 2021-01-18

Finland's food supply sector rehearses for emergency situations

www.is.fi/digitoday/art-2000007747319.html Actors in Finland's food supply chain are practising this week for emergency situations. The three-day exercise, organised by the Digipool of the National Emergency Supply Agency, prepares participants to operate during a cyber disruption. The exercise, which begins tomorrow, involves actors from the food industry, retail and distribution, oil distribution, logistics and transport, and water supply. The emphasis is on cooperation between the parts of the supply chain and on the functioning of food supply in an emergency. It is part of the broader Tieto20 exercise series, which began in February 2020. Intensive exercises have been organised sector by sector. In total, 128 organisations and 12 sectors have been represented, and 10,000 working hours have been spent on the exercises.

OpenWRT Forum user data stolen in weekend data breach

www.bleepingcomputer.com/news/security/openwrt-forum-user-data-stolen-in-weekend-data-breach/ The intruder used the account of an OpenWRT administrator. Although the account had “a good password,” additional security provided by two-factor authentication (2FA) was not active. Email addresses and handles of the forum users have been stolen, the moderators say. They add that they believe the attacker was not able to download the forum database, meaning that passwords should be safe.

BitLocker Lockscreen bypass

secret.club/2021/01/15/bitlocker-bypass.html Given a Windows 10 system without known passwords and a BitLocker-protected hard drive, an administrator account could be added. Note: This attack works only when no BitLocker password/PIN is required prior to the login screen.

Medical Device Security: Diagnosis Critical

threatpost.com/medical-device-security/163127/ Medical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced. Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued more than a half-dozen warnings tied to connected drug pumps alone. Vulnerabilities found in pumps made by Baxter International and Becton Dickinson Alaris System, for example, could be exploited to launch a DDoS attack, alter system configurations or siphon off patient data.

Google Cloud: We do use some SolarWinds, but we weren’t affected by mega hack

www.zdnet.com/article/google-cloud-we-do-use-some-solarwinds-but-we-werent-affected-by-mega-hack/ Google’s first CISO explains how you avoid being owned by hackers engaged in supply chain attacks. “Based on what is known about the attack today, we are confident that no Google systems were affected by the SolarWinds event,” [the CISO] said in a blogpost. Google:

cloud.google.com/blog/products/identity-security/how-were-helping-reshape-software-supply-chain-ecosystem-securely
