Daily NCSC-FI news followup 2021-01-28

Cybersecurity to the Rescue: Pseudonymisation for Personal Data Protection

www.enisa.europa.eu/news/enisa-news/cybersecurity-to-the-rescue-pseudonymisation-for-personal-data-protection ENISA’s new report explores pseudonymisation techniques and use cases for healthcare and information sharing in cybersecurity

Who’s Making All Those Scam Calls?

www.nytimes.com/2021/01/27/magazine/scam-call-centers.html

Malware Analysis Report (AR21-027A) – MAR-10319053-1.v1 – Supernova

us-cert.cisa.gov/ncas/analysis-reports/ar21-027a

ANNOUNCING PWN2OWN VANCOUVER 2021

www.zerodayinitiative.com/blog/2021/1/25/announcing-pwn2own-vancouver-2021

Introducing data breach guidance for individuals and families

www.ncsc.gov.uk/blog-post/introducing-data-breach-guidance-for-individuals-and-families

The worst happened: 31,980 Vastaamo client files are spreading uncontrollably online: “Unpleasant things may happen”

www.is.fi/digitoday/tietoturva/art-2000007767895.html Vastaamo client data has been published on several file-sharing servers. A game of cat and mouse has begun.

What if the internal network isn’t safe after all? In the zero trust model, everyone is suspected

www.tivi.fi/uutiset/tv/27deade9-eb10-4bc6-9de1-bd4d3858e14c Zero trust challenges security architecture based on fixed walls and the sheltered coves they create. Whereas under the general legal principle a defendant is innocent until proven otherwise, zero trust turns that arrangement on its head.

PwC-IR: The Business Email Compromise Guide

github.com/PwC-IR/Business-Email-Compromise-Guide The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the process of identifying, collecting and analysing activity associated with BEC intrusions.

Europol: Emotet malware will uninstall itself on March 25th

www.bleepingcomputer.com/news/security/europol-emotet-malware-will-uninstall-itself-on-march-25th/

Arrest, Seizures Tied to Netwalker Ransomware

krebsonsecurity.com/2021/01/arrest-seizures-tied-to-netwalker-ransomware/ U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court.
