Daily NCSC-FI news followup 2021-01-20

Tietoturva ei ole luksustuote

www.tivi.fi/uutiset/tv/465d7ff0-5446-4ca6-ac28-6d1850a26112 “Rahalla ei voi ostaa yrityksen sisäistä viestintää ja uskallusta myöntää virheet. Mikään määrä tietoturvatyökaluja ei pelasta, jos yrityksessä henkilöstö pelkää oman työnsä puolesta tai heitä ei oteta tosissaan virheen sattuessa kohdalle.”. “Lopulta monimutkaisiin ongelmiin ratkaisut voivat löytyä läheltä, omista työntekijöistä ja yrityksen omasta kulttuurista. Tietoturva on holistista ja sen pitäisi osallistuttaa kaikki yrityksen työntekijät ja johtoasemassa olevat henkilöt.”

Hacker leaks full database of 77 million Nitro PDF user records

www.bleepingcomputer.com/news/security/hacker-leaks-full-database-of-77-million-nitro-pdf-user-records/ Nitro is an application that helps create, edit, and sign PDFs and digital documents, an app that Nitro Software claims to have over 10, 000 business customers and roughly 1.8 million licensed users. A stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free. The 14GB leaked database contains 77, 159, 696 records with users’ email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information.

Hacker posts 1.9 million Pixlr user records for free on forum

www.bleepingcomputer.com/news/security/hacker-posts-19-million-pixlr-user-records-for-free-on-forum/ Pixlr is a very popular and free online photo editing application with many of the same features found in a professional desktop photo editor like Photoshop. The alleged Pixlr database posted by ShinyHunters contains 1, 921, 141 user records consisting of email addresses, login names, SHA-512 hashed passwords, a user’s country, whether they signed up for the newsletter, and other internal information.

IObit forums hacked to spread ransomware to its members

www.bleepingcomputer.com/news/security/iobit-forums-hacked-to-spread-ransomware-to-its-members/ Windows utility developer IObit was hacked over the weekend to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members.

NSA urges system administrators to replace obsolete TLS protocols

www.zdnet.com/article/nsa-urges-system-administrators-to-replace-obsolete-tls-protocols/ NSA recommends that only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used. Even if TLS 1.2 and TLS 1.3 are deployed, the NSA warns against configuring these two protocols with weak cryptographic parameters and cipher suites.

Bugs in Signal, Facebook, Google chat apps let attackers spy on users

www.bleepingcomputer.com/news/security/bugs-in-signal-facebook-google-chat-apps-let-attackers-spy-on-users/ Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users’ surroundings without permission before the person on the other end picked up the calls. The logic bugs were found by Google Project Zero security researcher Natalie Silvanovich in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha messaging apps and are now all fixed.

Cisco fixes critical pre-auth bugs in SD-WAN, cloud license manager

www.bleepingcomputer.com/news/security/cisco-fixes-critical-pre-auth-bugs-in-sd-wan-cloud-license-manager/ Cisco has released security updates to address pre-auth remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software.

NCSC-UK: Technical report: Responsible use of the Border Gateway Protocol (BGP) for ISP interworking

www.ncsc.gov.uk/report/responsible-use-of-bgp-for-isp-interworking The guidance encourages operators to use the BGP in a predictable and rigorous way, making full use of Internet Registries such as RIPE. PDF:

www.ncsc.gov.uk/files/border-gateway-protocol-technical-paper.pdf

You might be interested in …

Daily NCSC-FI news followup 2019-08-24

Kyberhyökkäykset ravistelevat suomalaiskuntia Tampere: “Harjoittelemme säännöllisesti” www.tivi.fi/uutiset/tv/d884768a-4cba-4abb-b990-64620669935d Sähköpostihuijareiden toimintatapoja tarkemmin – eiliseen 80 huijarin kiinniottoon liittyvä analyysi garwarner.blogspot.com/2019/08/los-angeles-court-charges-80-nigerians.html Fortnite-pelin huijausohjelma sisältääkin haittaohjelman ja vaatii lunnaat www.kaspersky.com/blog/ransomware-in-fortnite-cheats/28104/ FireEyen tuore raportti sote-sektorin toistuvasta kohdennuksesta ja altistumisesta tietovuodoille www.fireeye.com/blog/threat-research/2019/08/healthcare-research-data-pii-continuously-targeted-by-multiple-threat-actors.html Facebook jakoi vuosittaisen Internet Defence Prize -palkintonsa saksalaisille tutkijoille: 100’000 USD uudesta suojausmekanismista. www.zdnet.com/article/facebook-awards-100000-prize-for-new-code-isolation-technique/ Esineiden internet: älyuunit päälle keskellä […]

Read More

Daily NCSC-FI news followup 2020-04-06

DarkHotel hackers use VPN zero-day to breach Chinese government agencies www.zdnet.com/article/darkhotel-hackers-use-vpn-zero-day-to-compromise-chinese-government-agencies/ Chinese security-firm Qihoo 360, which detected the intrusions, said the hackers used a zero-day vulnerability in Sangfor SSL VPN servers, used to provide remote access to enterprise and government networks. Attacks Simultaneously Exploiting Vulnerability in IE (CVE-2020-0674) and Firefox (CVE-2019-17026) blogs.jpcert.or.jp/en/2020/04/ie-firefox-0day.html On 8 January […]

Read More

Daily NCSC-FI news followup 2020-03-03

Iltalehti: Asiantuntija varoittaa Suomea salakavalasta kyberiskusta: Onnistuessaan aika jäätävä www.iltalehti.fi/kotimaa/a/8d95f851-42fc-4955-af7b-89fbd631d808 Kyberturvallisuutta ja tiedustelua Jyväskylän yliopistossa tutkiva ja opettava filosofian tohtori Martti J. Kari toteaa, että maan vakautta vakavasti horjuttamaan pyrkivät tietoverkkojen kautta tehtävät kyberoperaatiot ovat tulevaisuudessa yhä mahdollisempia.. Hän pohjaa näkemyksensä viralliseen kansalliseen riskiarvioon, joiden mukaan kyberhyökkäysten todennäköisyys on kasvussa. Näillä hyökkäyksillä tarkoitetaan myös maan […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.