Daily NCSC-FI news followup 2021-01-21

Digitaalinen turvallisuus 2030 -ohjelma kehittää yhteiskunnan kyberhäiriöiden sietokykyä

www.huoltovarmuuskeskus.fi/digitaalinen-turvallisuus-2030-ohjelma-kehittaa-yhteiskunnan-kyberhairioiden-sietokykya/ Huoltovarmuuskeskus käynnistää laajan ohjelmakokonaisuuden, jonka tarkoituksena on kehittää yhteiskunnan sietokykyä kyberhäiriöitä vastaan. Digitaalinen turvallisuus 2030 -ohjelman painopisteet ovat kyberhäiriöihin varautuminen, toimintakyky häiriöiden sattuessa, yhteistyö yhteiskunnan ja yritysmaailman eri toimijoiden välillä sekä tulevaisuuden ilmiöiden ennakointi. Ohjelma on osa Suomen kansallisen kyberturvallisuusstrategian toteutusta.

Ransomware is now the biggest cybersecurity concern for CISOs

www.zdnet.com/article/ransomware-is-now-the-biggest-cybersecurity-concern-for-cisos/ A survey of chief information security officers (CISOs) and chief security officers (CSOs) by cybersecurity Proofpoint found that ransomware is now viewed as the main cybersecurity threat to their organisation over the course of the next year.

UK govt gives malware infected laptops to vulnerable students

www.bleepingcomputer.com/news/security/uk-govt-gives-malware-infected-laptops-to-vulnerable-students/ The devices are given out for free by the government to support disadvantaged students unable to access remote education during the COVID-19 pandemic, including children and young people who have no digital devices, have only a smartphone, or share a single device with other family members. “Upon unboxing and preparing them, it was discovered that a number of the laptops were infected with a self-propagating network worm, ” according to one of the teachers.

QNAP warns users of a new crypto-miner named Dovecat infecting their devices

www.zdnet.com/article/qnap-warns-users-of-a-new-crypto-miner-named-dovecat-infecting-their-devices/ QNAP has published a security advisory today warning customers of a new malware strain named Dovecat that is currently targeting its line of network-attached storage (NAS) devices to abuse local resources and mine cryptocurrency behind users’ backs. The company said the malware is currently spreading by connecting to QNAP NAS systems left exposed online using weak passwords.

Cyber Criminals Leave Stolen Phishing Credentials in Plain Sight

blog.checkpoint.com/2021/01/21/cyber-criminals-leave-stolen-phishing-credentials-in-plain-sight/ Check Point Research recently joined forces with Otorio to analyze and take a deep dive into a large scale phishing campaign that targeted thousands of global organizations, revealing the campaign’s overall infection chain, infrastructure and how the emails were distributed. Interestingly, due to a simple mistake in their attack chain, the attackers behind the phishing campaign exposed the credentials they had stolen to the public Internet, across dozens of drop-zone servers used by the attackers. With a simple Google search, anyone could have found the password to one of the compromised, stolen email addresses: a gift to every opportunistic attacker.

DDoS booters use Windows Remote Desktop servers to amplify attacks

www.bleepingcomputer.com/news/security/ddos-booters-use-windows-remote-desktop-servers-to-amplify-attacks/ Attacks taking advantage of this new UDP reflection/amplification attack vector by targeting Windows servers with RDP enabled on UDP/3389 have an amplification ratio of 85.9:1 and peak at ca. 750 Gbps. Around 14, 000 vulnerable Windows RDP servers are reachable over the Internet according to NETSCOUT advisory published earlier today.

Singapore widens security labelling to include all consumer IoT devices

ww.zdnet.com/article/singapore-widens-security-labelling-to-include-all-consumer-iot-devices/ Introduced last October as a voluntary programme, the Cybersecurity Labelling Scheme rates devices according to their level of cybersecurity features and will now be extended to include all consumer smart devices such as smart lights and smart printers.

Microsoft Edge gets a password generator, leaked credentials monitor

www.bleepingcomputer.com/news/security/microsoft-edge-gets-a-password-generator-leaked-credentials-monitor/ Microsoft is rolling out a built-in password generator and a leaked credentials monitoring feature on Windows and macOS systems running the latest Microsoft Edge version.

You might be interested in …

Daily NCSC-FI news followup 2020-10-24

Vastaamon asiakkaat ovat saaneet henkilökohtaisia kiristysviestejä, viesteissä vaaditaan 200-500 euron arvosta bitcoineja Poliisi: “Kiristysviestin vaatimuksiin ei tule suostua” www.hs.fi/kotimaa/art-2000006698803.html Jos uhri ei maksa, kiristäjä uhkaa julkaista hänen tietonsa sisältäen henkilötietojen lisäksi tarkan potilaskertomuksen, joka sisältää litteroituna terapeutin kanssa käydyt keskustelut. Myös: Vastaamon asiakkaat saavat nyt kiristysviestejä sähköposteihinsa viesteissä vaaditaan 200-500 euron arvosta bitcoineja – yle.fi/uutiset/3-11612183 […]

Read More

Daily NCSC-FI news followup 2019-12-31

Ghosts in the Clouds: Inside Chinas Major Corporate Hack www.wsj.com/articles/ghosts-in-the-clouds-inside-chinas-major-corporate-hack-11577729061 A Wall Street Journal investigation has found that the attack was much bigger than previously known. It goes far beyond the 14 unnamed companies listed in the indictment, stretching across at least a dozen cloud providers, including CGI Group Inc. Tieto Oyj, a major Finnish […]

Read More

Daily NCSC-FI news followup 2020-04-04

Zoomed In: A Look into a Coinminer Bundled with Zoom Installer blog.trendmicro.com/trendlabs-security-intelligence/zoomed-in-a-look-into-a-coinminer-bundled-with-zoom-installer/ We found a Coinminer bundled with the legitimate installer of video conferencing app Zoom, luring users who want to install the software but end up unwittingly downloading a malicious file. The compromised files are not from Zooms official download center, and are assumed […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.