Daily NCSC-FI news followup 2021-02-06

Google fixes Chrome zero-day actively exploited in the wild

www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users.

Eletrobras, Copel energy companies hit by ransomware attacks

www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/ Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil have announced that they suffered ransomware attacks over the past week.

Microsoft warns of increasing OAuth Office 365 phishing attacks

www.bleepingcomputer.com/news/security/microsoft-warns-of-increasing-oauth-office-365-phishing-attacks/ Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned.

SitePoint discloses data breach after stolen info used in attacks

www.bleepingcomputer.com/news/security/sitepoint-discloses-data-breach-after-stolen-info-used-in-attacks/ The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum.

Launching OSV – Better vulnerability triage for open source

security.googleblog.com/2021/02/launching-osv-better-vulnerability.html We are excited to launch OSV (Open Source Vulnerabilities), our first step towards improving vulnerability triage for developers and consumers of open source software. The goal of OSV is to provide precise data on where a vulnerability was introduced and where it got fixed, thereby helping consumers of open source software accurately identify if they are impacted and then make security fixes as . quickly as possible.

Näin toimii Suomessa nähty kiero verkkopankkihuijaus tunnusluvulla suojautuminen ei auta, uhri hyväksyy itse rahasiirron

www.is.fi/digitoday/tietoturva/art-2000007784669.html Mies välissä- eli väliintulohyökkäyksellä pankkitili voidaan tyhjentää, vaikka käytössä on tunnuslukulaite tai -sovellus.

The Great Suspender Chrome extension’s fall from grace

www.bleepingcomputer.com/news/software/the-great-suspender-chrome-extensions-fall-from-grace/ Google has forcibly uninstalled the immensely popular ‘The Great Suspender’ extension from Google Chrome and classified it as malware.

Mozilla fixes Windows 10 NTFS corruption bug in Firefox

www.bleepingcomputer.com/news/software/mozilla-fixes-windows-10-ntfs-corruption-bug-in-firefox/ Mozilla has released Firefox 85.0.1 and includes a fix that prevents a Windows 10 NTFS corruption bug from being triggered from the browser.

Hackers post detailed patient medical records from two hospitals to the dark web

www.nbcnews.com/tech/security/hackers-post-detailed-patient-medical-records-two-hospitals-dark-web-n1256887 The files, which number in at least the tens of thousands, includes patients personal identifying information.

They Stormed the Capitol. Their Apps Tracked Them.

www.nytimes.com/2021/02/05/opinion/capitol-attack-cellphone-data.html Times Opinion was able to identify individuals from a trove of leaked smartphone location data.

Microsoft delays disabling Basic Authentication for several Exchange Online protocols ‘until further notice’

www.theregister.com/2021/02/05/exchange_online_basic_authentication/ Insists ‘We’re not backtracking’ as tenants given longer to move to something more secure. Microsoft has shifted gears on plans to disable Basic Authentication for five Exchange Online protocols this year, provided your tenant is actually using them.

Spotify Suffers Second Credential-Stuffing Cyberattack in 3 Months

threatpost.com/spotify-credential-stuffing-cyberattack/163672/ As many as 100,000 of the music streaming services customers could face account takeover.. Spotify streaming music aficionados are in the crosshairs of yet another credential-stuffing cyberattack, just three months after the last one. The service has forced password resets for impacted users.

Industrial Networks See Sharp Uptick in Hackable Security Holes

threatpost.com/industrial-networks-hackable-security-holes/163708/ Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks.. The report analyzed all publicly disclosed vulnerabilities in ICS networks in the second half of 2020 and found a nearly 33 percent increase in ICS disclosures over 2018, both from organizations like Claroty and from independent researchers.. Report:

security.claroty.com/biannual-ics-risk-vulnerability-report-2H-2020

NCIJTF Releases Ransomware Factsheet

us-cert.cisa.gov/ncas/current-activity/2021/02/05/ncijtf-releases-ransomware-factsheet The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques.

You might be interested in …

Daily NCSC-FI news followup 2020-09-10

Viranomainen varoittaa huijausviestistä – varo tätä sähköpostia www.is.fi/digitoday/tietoturva/art-2000006630773.html Apple ID -tunnusten kalastelu on nyt aktiivista. Huijauksen mukaan vastaanottajan Apple ID:tä olisi käytetty luvattomasti muualla Applen iCloud-palveluun kirjautumiseksi. Tämän väitetään tapahtuneen Moskovasta käsin. Mukana on keinotekoinen ip-osoite sekä päivämäärä ja kellonaika. Ne saattavat vaihdella viestistä toiseen. Katso myös meidän twiitti: https://twitter.com/CERTFI/status/1303604786361774080 Ransomware accounted for 41% of […]

Read More

Daily NCSC-FI news followup 2019-06-28

Exclusive: Western intelligence hacked ‘Russia’s Google’ Yandex to spy on accounts – sources www.reuters.com/article/us-usa-cyber-yandex-exclusive/exclusive-western-intelligence-hacked-russias-google-yandex-to-spy-on-accounts-sources-idUSKCN1TS2SX Hackers working for Western intelligence agencies broke into Russian internet search company Yandex in late 2018 deploying a rare type of malware in an attempt to spy on user accounts, four people with knowledge of the matter told Reuters.. The malware, […]

Read More

Daily NCSC-FI news followup 2021-07-24

Internet Futures www.ofcom.org.uk/__data/assets/pdf_file/0013/222205/internet-futures.pdf This report should not be seen as an exhaustive list of every innovative technology being developed. Indeed, it can be no more than a sample of the high-quality ongoing research work being conducted in industry and academia. Further, the omission or inclusion of any technology shouldnt be taken as a signal of […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.