Daily NCSC-FI news followup 2021-01-21

Digitaalinen turvallisuus 2030 -ohjelma kehittää yhteiskunnan kyberhäiriöiden sietokykyä

www.huoltovarmuuskeskus.fi/digitaalinen-turvallisuus-2030-ohjelma-kehittaa-yhteiskunnan-kyberhairioiden-sietokykya/ Huoltovarmuuskeskus käynnistää laajan ohjelmakokonaisuuden, jonka tarkoituksena on kehittää yhteiskunnan sietokykyä kyberhäiriöitä vastaan. Digitaalinen turvallisuus 2030 -ohjelman painopisteet ovat kyberhäiriöihin varautuminen, toimintakyky häiriöiden sattuessa, yhteistyö yhteiskunnan ja yritysmaailman eri toimijoiden välillä sekä tulevaisuuden ilmiöiden ennakointi. Ohjelma on osa Suomen kansallisen kyberturvallisuusstrategian toteutusta.

Ransomware is now the biggest cybersecurity concern for CISOs

www.zdnet.com/article/ransomware-is-now-the-biggest-cybersecurity-concern-for-cisos/ A survey of chief information security officers (CISOs) and chief security officers (CSOs) by cybersecurity Proofpoint found that ransomware is now viewed as the main cybersecurity threat to their organisation over the course of the next year.

UK govt gives malware infected laptops to vulnerable students

www.bleepingcomputer.com/news/security/uk-govt-gives-malware-infected-laptops-to-vulnerable-students/ The devices are given out for free by the government to support disadvantaged students unable to access remote education during the COVID-19 pandemic, including children and young people who have no digital devices, have only a smartphone, or share a single device with other family members. “Upon unboxing and preparing them, it was discovered that a number of the laptops were infected with a self-propagating network worm, ” according to one of the teachers.

QNAP warns users of a new crypto-miner named Dovecat infecting their devices

www.zdnet.com/article/qnap-warns-users-of-a-new-crypto-miner-named-dovecat-infecting-their-devices/ QNAP has published a security advisory today warning customers of a new malware strain named Dovecat that is currently targeting its line of network-attached storage (NAS) devices to abuse local resources and mine cryptocurrency behind users’ backs. The company said the malware is currently spreading by connecting to QNAP NAS systems left exposed online using weak passwords.

Cyber Criminals Leave Stolen Phishing Credentials in Plain Sight

blog.checkpoint.com/2021/01/21/cyber-criminals-leave-stolen-phishing-credentials-in-plain-sight/ Check Point Research recently joined forces with Otorio to analyze and take a deep dive into a large scale phishing campaign that targeted thousands of global organizations, revealing the campaign’s overall infection chain, infrastructure and how the emails were distributed. Interestingly, due to a simple mistake in their attack chain, the attackers behind the phishing campaign exposed the credentials they had stolen to the public Internet, across dozens of drop-zone servers used by the attackers. With a simple Google search, anyone could have found the password to one of the compromised, stolen email addresses: a gift to every opportunistic attacker.

DDoS booters use Windows Remote Desktop servers to amplify attacks

www.bleepingcomputer.com/news/security/ddos-booters-use-windows-remote-desktop-servers-to-amplify-attacks/ Attacks taking advantage of this new UDP reflection/amplification attack vector by targeting Windows servers with RDP enabled on UDP/3389 have an amplification ratio of 85.9:1 and peak at ca. 750 Gbps. Around 14, 000 vulnerable Windows RDP servers are reachable over the Internet according to NETSCOUT advisory published earlier today.

Singapore widens security labelling to include all consumer IoT devices

ww.zdnet.com/article/singapore-widens-security-labelling-to-include-all-consumer-iot-devices/ Introduced last October as a voluntary programme, the Cybersecurity Labelling Scheme rates devices according to their level of cybersecurity features and will now be extended to include all consumer smart devices such as smart lights and smart printers.

Microsoft Edge gets a password generator, leaked credentials monitor

www.bleepingcomputer.com/news/security/microsoft-edge-gets-a-password-generator-leaked-credentials-monitor/ Microsoft is rolling out a built-in password generator and a leaked credentials monitoring feature on Windows and macOS systems running the latest Microsoft Edge version.

You might be interested in …

Daily NCSC-FI news followup 2019-08-04

Extortion Emails on the Rise: A Look at The Different Types www.bleepingcomputer.com/news/security/extortion-emails-on-the-rise-a-look-at-the-different-types/ No matter the theme of an extortion scam, their goal is all the same. To scare you into thinking the attackers have information or video about you so that you make a bitcoin payment to avoid the information from being released.. Below we […]

Read More

Daily NCSC-FI news followup 2019-10-03

Casbaneiro: Dangerous cooking with a secret ingredient www.welivesecurity.com/2019/10/03/casbaneiro-trojan-dangerous-cooking/ Casbaneiro, also known as Metamorfo, is a typical Latin American banking trojan that targets banks and cryptocurrency services in Brazil and Mexico (Figure 1). It uses the social engineering method described in the introduction to our previous article, where fake pop-up windows are displayed. Just a GIF […]

Read More

Daily NCSC-FI news followup 2019-10-02

Vulnerability in Cisco Webex and Zoom may expose online meetings to snooping www.helpnetsecurity.com/2019/10/01/prying-eye-vulnerability/ Cequence Securitys CQ Prime Threat Research Team discovered of a vulnerability in Cisco Webex and Zoom video conferencing platforms that potentially allows an attacker to enumerate or list and view active meetings that are not protected. How SMBs Can Mitigate the Growing […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.