Daily NCSC-FI news followup 2021-01-18

Suomen elintarvikehuolto harjoittelee poikkeustilannetta varten

www.is.fi/digitoday/art-2000007747319.html Suomen elintarvikehuollon toimijat harjoittelevat tällä viikolla poikkeustilanteita varten. Huoltovarmuuskeskuksen digipoolin järjestämässä kolmipäiväisessä harjoituksessa valmistaudutaan toimintaan kyberhäiriötilanteessa. Huomenna alkavassa harjoituksessa on mukana elintarviketeollisuuden, kaupan ja jakelun, öljynjakelun, logistiikan ja liikenteen sekä vesihuollon toimijoita. Paino on huoltoketjun osien yhteistoiminnassa ja elintarvikehuollon toiminnassa poikkeustilanteessa. Kyseessä on osa laajempaa Tieto20-harjoituskokonaisuutta, joka alkoi helmikuussa 2020. Intensiiviharjoituksia on järjestetty toimialoittain. Kaikkiaan edustettuna on ollut 128 organisaatiota, 12 toimialaa, ja harjoitteluun on käytetty 10 000 työtuntia.

OpenWRT Forum user data stolen in weekend data breach

www.bleepingcomputer.com/news/security/openwrt-forum-user-data-stolen-in-weekend-data-breach/ The intruder used the account of an OpenWRT administrator. The intruder used the account of an OpenWRT administrator. Although the account had “a good password, ” additional security provided by two-factor authentication (2FA) was not active. Email addresses and handles of the forum users have been stolen, the moderators say. They add that they believe the attacker was not able to download the forum database, meaning that passwords should be safe.

BitLocker Lockscreen bypass

secret.club/2021/01/15/bitlocker-bypass.html Given a Windows 10 system without known passwords and a BitLocker-protected hard drive, an administrator account could be added. Note: This attack works only when no BitLocker password/pin is required prior to login screen.

Medical Device Security: Diagnosis Critical

threatpost.com/medical-device-security/163127/ Medical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced. Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued more than a half-dozen warnings tied to connected drug pumps alone. Vulnerabilities found in pumps made by Baxter International and Becton Dickinson Alaris System, for example, could be exploited to launch a DDoS attack, alter system configurations or siphon off patient data.

Google Cloud: We do use some SolarWinds, but we weren’t affected by mega hack

www.zdnet.com/article/google-cloud-we-do-use-some-solarwinds-but-we-werent-affected-by-mega-hack/ Google’s first CISO explains how you avoid being owned by hackers engaged in supply chain attacks. “Based on what is known about the attack today, we are confident that no Google systems were affected by the SolarWinds event, ” [the CISO] said in a blogpost. Google:

cloud.google.com/blog/products/identity-security/how-were-helping-reshape-software-supply-chain-ecosystem-securely

You might be interested in …

Daily NCSC-FI news followup 2019-09-21

VMware Releases Security Updates for Multiple Products www.us-cert.gov/ncas/current-activity/2019/09/20/vmware-releases-security-updates-multiple-products See also: www.vmware.com/security/advisories/VMSA-2019-0014.html Meet Stop Ransomware: The Most Active Ransomware Nobody Talks About www.bleepingcomputer.com/news/security/meet-stop-ransomware-the-most-active-ransomware-nobody-talks-about/ To give you some perspective, the ransomware identification service ID Ransomware gets approximately 2,500 ransomware submissions a day. Of those, between 60-70 % are STOP ransomware submissions. Windows 7 Voting Systems to Get […]

Read More

Daily NCSC-FI news followup 2020-07-06

U.K. Set to Start Huawei 5G Phase-Out as Soon as This Year www.bloomberg.com/news/articles/2020-07-05/u-k-prepares-to-start-huawei-5g-phase-out-as-soon-as-this-year Prime Minister Boris Johnson is preparing to begin phasing out the use of Huawei Technologies Co. equipment in the U.K.s 5G telecoms network as soon as this year, a person familiar with the matter said. OVER 1,800 F5 BIG-IP ENDPOINTS VULNERABLE TO […]

Read More

Daily NCSC-FI news followup 2019-06-30

Breaking: Huawei will be allowed to do business with U.S. companies again www.androidauthority.com/breaking-huawei-allowed-to-do-business-with-us-companies-again-1004260/ U.S. companies will be allowed to work with Huawei again, President Trump announced in a news conference.. Its not clear what this means for now, but its likely Huawei will be able to acquire basic components like Qualcomm processors and Googles Android […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.