Daily NCSC-FI news followup 2021-01-28

Cybersecurity to the Rescue: Pseudonymisation for Personal Data Protection

www.enisa.europa.eu/news/enisa-news/cybersecurity-to-the-rescue-pseudonymisation-for-personal-data-protection ENISA’s new report explores pseudonymisation techniques and use cases for healthcare and information sharing in cybersecurity

Who’s Making All Those Scam Calls?

www.nytimes.com/2021/01/27/magazine/scam-call-centers.html

Malware Analysis Report (AR21-027A) – MAR-10319053-1.v1 – Supernova

us-cert.cisa.gov/ncas/analysis-reports/ar21-027a

ANNOUNCING PWN2OWN VANCOUVER 2021

www.zerodayinitiative.com/blog/2021/1/25/announcing-pwn2own-vancouver-2021

Introducing data breach guidance for individuals and families

www.ncsc.gov.uk/blog-post/introducing-data-breach-guidance-for-individuals-and-families

Pahin tapahtui: 31 980 Vastaamo-asiakastiedostoa leviää hallitsemattomasti netissä “Voi tapahtua ikäviä asioita”

www.is.fi/digitoday/tietoturva/art-2000007767895.html Vastaamon asiakastietoja on julkaistu usealla tiedostonjakopalvelimella. Kissa ja hiiri -leikki on alkanut.

Entä jos sisäverkko ei olekaan turvallinen? Zero trust -mallissa epäillään kaikkia

www.tivi.fi/uutiset/tv/27deade9-eb10-4bc6-9de1-bd4d3858e14c Zero trust haastaa kiinteisiin muureihin perustuvan tietoturva-arkkitehtuurin ja niiden luomat suojaisat poukamat. Kun yleisen oikeusperiaatteen mukaan syytetty on syytön, kunnes toisin osoitetaan, zero trust kääntää asetelman päälaelleen.

PwC-IR: The Business Email Compromise Guide

github.com/PwC-IR/Business-Email-Compromise-Guide The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the process of identifying, collecting and analysing activity associated with BEC intrusions.

Europol: Emotet malware will uninstall itself on March 25th

www.bleepingcomputer.com/news/security/europol-emotet-malware-will-uninstall-itself-on-march-25th/

Arrest, Seizures Tied to Netwalker Ransomware

krebsonsecurity.com/2021/01/arrest-seizures-tied-to-netwalker-ransomware/ U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court.

You might be interested in …

Daily NCSC-FI news followup 2020-06-26

Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards threatpost.com/cardplanet-operator-sentenced-stolen-credit-cards/156956/ The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases. Developer of Mirai, Qbot-based DDoS botnets jailed for 13 months www.bleepingcomputer.com/news/security/developer-of-mirai-qbot-based-ddos-botnets-jailed-for-13-months/ A 22-year-old Washington man was sentenced to 13 months in prison for renting and developing Mirai […]

Read More

Daily NCSC-FI news followup 2019-10-25

Cachet Financial Reeling from MyPayrollHR Fraud krebsonsecurity.com/2019/10/cachet-financial-reeling-from-mypayrollhr-fraud/ When New York-based cloud payroll provider MyPayrollHR unexpectedly shuttered its doors last month and disappeared with $26 million worth of customer payroll deposits, its payment processor Cachet Financial Services ended up funding the bank accounts of MyPayrollHR client company employees anyway, graciously eating a $26 million loss which […]

Read More

Daily NCSC-FI news followup 2020-01-06

The Hidden Cost of Ransomware: Wholesale Password Theft krebsonsecurity.com/2020/01/the-hidden-cost-of-ransomware-wholesale-password-theft/ Moral of the story: Companies that experience a ransomware attack or for that matter any type of equally invasive malware infestation should assume that all credentials stored anywhere on the local network (including those saved inside Web browsers and password managers) are compromised and need to […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.