Daily NCSC-FI news followup 2021-01-18

Suomen elintarvikehuolto harjoittelee poikkeustilannetta varten

www.is.fi/digitoday/art-2000007747319.html Suomen elintarvikehuollon toimijat harjoittelevat tällä viikolla poikkeustilanteita varten. Huoltovarmuuskeskuksen digipoolin järjestämässä kolmipäiväisessä harjoituksessa valmistaudutaan toimintaan kyberhäiriötilanteessa. Huomenna alkavassa harjoituksessa on mukana elintarviketeollisuuden, kaupan ja jakelun, öljynjakelun, logistiikan ja liikenteen sekä vesihuollon toimijoita. Paino on huoltoketjun osien yhteistoiminnassa ja elintarvikehuollon toiminnassa poikkeustilanteessa. Kyseessä on osa laajempaa Tieto20-harjoituskokonaisuutta, joka alkoi helmikuussa 2020. Intensiiviharjoituksia on järjestetty toimialoittain. Kaikkiaan edustettuna on ollut 128 organisaatiota, 12 toimialaa, ja harjoitteluun on käytetty 10 000 työtuntia.

OpenWRT Forum user data stolen in weekend data breach

www.bleepingcomputer.com/news/security/openwrt-forum-user-data-stolen-in-weekend-data-breach/ The intruder used the account of an OpenWRT administrator. The intruder used the account of an OpenWRT administrator. Although the account had “a good password, ” additional security provided by two-factor authentication (2FA) was not active. Email addresses and handles of the forum users have been stolen, the moderators say. They add that they believe the attacker was not able to download the forum database, meaning that passwords should be safe.

BitLocker Lockscreen bypass

secret.club/2021/01/15/bitlocker-bypass.html Given a Windows 10 system without known passwords and a BitLocker-protected hard drive, an administrator account could be added. Note: This attack works only when no BitLocker password/pin is required prior to login screen.

Medical Device Security: Diagnosis Critical

threatpost.com/medical-device-security/163127/ Medical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced. Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued more than a half-dozen warnings tied to connected drug pumps alone. Vulnerabilities found in pumps made by Baxter International and Becton Dickinson Alaris System, for example, could be exploited to launch a DDoS attack, alter system configurations or siphon off patient data.

Google Cloud: We do use some SolarWinds, but we weren’t affected by mega hack

www.zdnet.com/article/google-cloud-we-do-use-some-solarwinds-but-we-werent-affected-by-mega-hack/ Google’s first CISO explains how you avoid being owned by hackers engaged in supply chain attacks. “Based on what is known about the attack today, we are confident that no Google systems were affected by the SolarWinds event, ” [the CISO] said in a blogpost. Google:

cloud.google.com/blog/products/identity-security/how-were-helping-reshape-software-supply-chain-ecosystem-securely

You might be interested in …

Daily NCSC-FI news followup 2020-11-18

Hackers are actively probing millions of WordPress sites www.bleepingcomputer.com/news/security/hackers-are-actively-probing-millions-of-wordpress-sites/ Unknown threat actors are scanning for WordPress websites with Epsilon Framework themes installed on over 150, 000 sites and vulnerable to Function Injection attacks that could lead to full site takeovers. Hacking group exploits ZeroLogon in automotive, industrial attack wave www.zdnet.com/article/cicada-hacking-group-exploits-zerologon-launches-new-backdoor-in-automotive-industry-attack-wave/ The active cyberattack is thought […]

Read More

Daily NCSC-FI news followup 2019-11-21

The Cyber-Physical Security of the Power Grid smartgrid.ieee.org/newsletters/november-2019/the-cyber-physical-security-of-the-power-grid Since critical infrastructures play a crucial role in our everyday life, its security has to be considered as one of the most important challenges in this modern era.. Physical and cyber security of smart power grids is very difficult due to their complexity and inhomogeneity. A huge […]

Read More

Daily NCSC-FI news followup 2020-09-01

Norjan parlamenttiin on tehty laajamittainen kyberhyökkäys yle.fi/uutiset/3-11522222 Joidenkin kansanedustajien ja Suurkäräjien työntekijöiden sähköposteihin on murtauduttu. Otamme asian erittäin vakavasti ja analysoimme tilannetta saadaksemme kuvan tapauksesta ja haittojen laajuudesta, Suurkäräjien hallinnon johtaja Marianne Andreassen sanoo. myös: www.stortinget.no/no/Hva-skjer-pa-Stortinget/Nyhetsarkiv/Pressemeldingsarkiv/2019-2020/it-angrep-mot-stortinget/. also: www.zdnet.com/article/norwegian-parliament-discloses-cyber-attack-on-internal-email-system/ Cisco says it will issue patch as soon as possible’ for bugs hackers are trying to exploit […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.