Daily NCSC-FI news followup 2021-01-28

Cybersecurity to the Rescue: Pseudonymisation for Personal Data Protection

www.enisa.europa.eu/news/enisa-news/cybersecurity-to-the-rescue-pseudonymisation-for-personal-data-protection ENISA’s new report explores pseudonymisation techniques and use cases for healthcare and information sharing in cybersecurity

Pahin tapahtui: 31 980 Vastaamo-asiakastiedostoa leviää hallitsemattomasti netissä “Voi tapahtua ikäviä asioita”

www.is.fi/digitoday/tietoturva/art-2000007767895.html Vastaamon asiakastietoja on julkaistu usealla tiedostonjakopalvelimella. Kissa ja hiiri -leikki on alkanut.

Entä jos sisäverkko ei olekaan turvallinen? Zero trust -mallissa epäillään kaikkia

www.tivi.fi/uutiset/tv/27deade9-eb10-4bc6-9de1-bd4d3858e14c Zero trust haastaa kiinteisiin muureihin perustuvan tietoturva-arkkitehtuurin ja niiden luomat suojaisat poukamat. Kun yleisen oikeusperiaatteen mukaan syytetty on syytön, kunnes toisin osoitetaan, zero trust kääntää asetelman päälaelleen.

PwC-IR: The Business Email Compromise Guide

github.com/PwC-IR/Business-Email-Compromise-Guide The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the process of identifying, collecting and analysing activity associated with BEC intrusions.

Europol: Emotet malware will uninstall itself on March 25th

www.bleepingcomputer.com/news/security/europol-emotet-malware-will-uninstall-itself-on-march-25th/

Arrest, Seizures Tied to Netwalker Ransomware

krebsonsecurity.com/2021/01/arrest-seizures-tied-to-netwalker-ransomware/ U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court.

Daily NCSC-FI news followup 2021-06-22

Poistimme Android-haittaohjelmia koskevan varoituksen www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/poistimme-android-haittaohjelmia-koskevan-varoituksen Poistimme 4.6. annetun Android-haittaohjelmia koskevan varoituksen. Kesäkuun alkupuolella erittäin aktiivisena tapahtunut haittaohjelman levityskampanja on nyt rauhoittunut ja ilmoitusmäärät haittaohjelmaa levittävistä tekstiviesteistä ovat laskeneet merkittävästi. City of Liege, Belgium hit by ransomware therecord.media/city-of-liege-belgium-hit-by-ransomware/ Liege, the third biggest city in Belgium, has suffered today a ransomware attack that has disrupted the municipality’s […]

Daily NCSC-FI news followup 2020-10-04

Ttint is a new form of IoT botnet that also includes remote access tools-like (RAT) features, rarely seen in these types of botnets before www.zdnet.com/article/new-ttint-iot-botnet-caught-exploiting-two-zero-days-in-tenda-routers For almost a year, a threat actor has been using zero-day vulnerabilities to install malware on Tenda routers and build a so-called IoT (Internet of Things) botnet. Google offers up […]

Daily NCSC-FI news followup 2019-09-27

Some Voting Machines Still Have Decade-Old Vulnerabilities www.wired.com/story/voting-village-results-hacking-decade-old-bugs/ The results of the 2019 Defcon Voting Village are inand they paint an ugly picture for voting machine security.. In three short years, the Defcon Voting Village has gone from a radical hacking project to a stalwart that surfaces voting machine security issues. This afternoon, its organizers […]

Daily NCSC-FI news followup 2021-01-28

Cybersecurity to the Rescue: Pseudonymisation for Personal Data Protection

Who’s Making All Those Scam Calls?

Malware Analysis Report (AR21-027A) – MAR-10319053-1.v1 – Supernova

ANNOUNCING PWN2OWN VANCOUVER 2021

Introducing data breach guidance for individuals and families