Daily NCSC-FI news followup 2021-01-30

Trust is the key component of human-centric data economy

impulssilvm.fi/2021/01/30/trust-is-the-key-component-of-human-centric-data-economy/ Data and digital innovation are vital for achieving public value, sustainable development goals, and tackling climate change, poverty and exclusion. In Finland, we speak of human-centric data economy, and you might wonder, why? It is because we believe that the critical raw material is not data as such, but trust, which is the prerequisite for extracting, sharing, utilising, re-using and refining data. Fostering trust and transparency is the most important task of the government. Trust between citizens and government, as well as between the public and private sectors.

Ransomware Payoffs Surge by 311% to Nearly $350 Million

www.darkreading.com/vulnerabilities---threats/ransomware-payoffs-surge-by-311--to-nearly-$350-million/d/d-id/1340017 Payments to ransomware gangs using cryptocurrency more than quadrupled in 2020, with less than 200 cryptocurrency wallets receiving 80% of funds. also:

blog.chainalysis.com/reports/ransomware-ecosystem-crypto-crime-2021

Cleaning up after Emotet: the law enforcement file

blog.malwarebytes.com/threat-analysis/2021/01/cleaning-up-after-emotet-the-law-enforcement-file/ On January 27, Europol announced a global operation to take down the botnet behind what it called the most dangerous malware by gaining control of its infrastructure and taking it down from the inside. Shortly thereafter, Emotet controllers started to deliver a special payload that had code to remove the malware from infected computers. This had not been formally clarified just yet and some details around it were not quite clear. In this blog we will review this update and how it is meant to work.

Why operational resilience will be key in 2021, and how this impacts cybersecurity

www.microsoft.com/security/blog/2021/01/28/why-operational-resilience-will-be-key-in-2021-and-how-this-impacts-cybersecurity/ The key to success in surviving any unforeseen circumstances in 2021, will be operational resiliency. Operational resilience is the ability to sustain business operations during any major event, including a cyberattack. It requires a strategic and holistic view of what could go wrong and how an organization will respond.

The QAnon Timeline: Four Years, 5,000 Drops and Countless Failed Prophecies

www.bellingcat.com/news/americas/2021/01/29/the-qanon-timeline/ QAnon is not a static conspiracy theory. Since it first emerged in 2017, it has continuously evolved, focusing on different key topics and adopting elements of other conspiracy theories. As Bellingcat has recently written, this elasticity has been the key to its success.

Microsoft 365 Becomes Haven for BEC Innovation

threatpost.com/microsoft-365-bec-innovation/163508/ Two new phishing tactics use the platform’s automated responses to evade email filters. In one case, scammers are targeting victims by redirecting legitimate out-of-office (OOO) replies from an employee to them; and in the other, read receipts are being manipulated. Both styles were seen being used in the wild in the U.S. in December, when auto-responders were more prevalent due to holiday vacation. also:

abnormalsecurity.com/blog/scammers-target-microsoft-365-read-receipt-and-out-of-office-reply-loophole-for-bec-attacks/

Fonix ransomware shuts down and releases master decryption key

www.bleepingcomputer.com/news/security/fonix-ransomware-shuts-down-and-releases-master-decryption-key/ The Fonix Ransomware operators have shut down their operation and released the master decryption key, allowing victims to recover their files for free.

Severe bug in Libgcrypt used by GPG and others is a whole heap of trouble, prompts patch scramble

www.theregister.com/2021/01/29/severe_libgcrypt_bug/ Google Project Zero researcher Tavis Ormandy on Thursday reported a severe flaw in Libgcrypt 1.9.0, an update to the widely used cryptographic library that was released ten days ago. However, because Libgcrypt 1.9.0 was only recently released, it hasn’t been widely incorporated into other projects yet. The identified bug is a heap buffer overflow and it’s considered rather serious because it’s easily exploitable.

Online stores posing as Finnish bombard social media users: a scammed customer explains what made them trust the ad

yle.fi/aihe/artikkeli/2021/01/30/suomalaisina-esiintyvat-verkkokaupat-pommittavat-somekayttajia-huijatuksi Finnish-language online stores whose operators are very hard to trace are being actively advertised on social media. The police have received several crime reports about suspected online store scams.
