Daily NCSC-FI news followup 2021-02-06

Google fixes Chrome zero-day actively exploited in the wild

www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users.

Eletrobras, Copel energy companies hit by ransomware attacks

www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/ Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil, have announced that they suffered ransomware attacks over the past week.

Microsoft warns of increasing OAuth Office 365 phishing attacks

www.bleepingcomputer.com/news/security/microsoft-warns-of-increasing-oauth-office-365-phishing-attacks/ Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned.

SitePoint discloses data breach after stolen info used in attacks

www.bleepingcomputer.com/news/security/sitepoint-discloses-data-breach-after-stolen-info-used-in-attacks/ The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum.

Launching OSV – Better vulnerability triage for open source

security.googleblog.com/2021/02/launching-osv-better-vulnerability.html We are excited to launch OSV (Open Source Vulnerabilities), our first step towards improving vulnerability triage for developers and consumers of open source software. The goal of OSV is to provide precise data on where a vulnerability was introduced and where it got fixed, thereby helping consumers of open source software accurately identify if they are impacted and then make security fixes as quickly as possible.

This is how the devious online banking scam seen in Finland works: protecting yourself with a one-time code does not help, the victim approves the money transfer themselves

www.is.fi/digitoday/tietoturva/art-2000007784669.html With a man-in-the-middle (interception) attack, a bank account can be emptied even when a code-generating device or app is in use.

The Great Suspender Chrome extension’s fall from grace

www.bleepingcomputer.com/news/software/the-great-suspender-chrome-extensions-fall-from-grace/ Google has forcibly uninstalled the immensely popular ‘The Great Suspender’ extension from Google Chrome and classified it as malware.

Mozilla fixes Windows 10 NTFS corruption bug in Firefox

www.bleepingcomputer.com/news/software/mozilla-fixes-windows-10-ntfs-corruption-bug-in-firefox/ Mozilla has released Firefox 85.0.1, which includes a fix that prevents a Windows 10 NTFS corruption bug from being triggered from the browser.

Hackers post detailed patient medical records from two hospitals to the dark web

www.nbcnews.com/tech/security/hackers-post-detailed-patient-medical-records-two-hospitals-dark-web-n1256887 The files, which number in at least the tens of thousands, include patients' personal identifying information.

They Stormed the Capitol. Their Apps Tracked Them.

www.nytimes.com/2021/02/05/opinion/capitol-attack-cellphone-data.html Times Opinion was able to identify individuals from a trove of leaked smartphone location data.

Microsoft delays disabling Basic Authentication for several Exchange Online protocols ‘until further notice’

www.theregister.com/2021/02/05/exchange_online_basic_authentication/ Insists ‘We’re not backtracking’ as tenants given longer to move to something more secure. Microsoft has shifted gears on plans to disable Basic Authentication for five Exchange Online protocols this year, provided your tenant is actually using them.

Spotify Suffers Second Credential-Stuffing Cyberattack in 3 Months

threatpost.com/spotify-credential-stuffing-cyberattack/163672/ As many as 100,000 of the music streaming service's customers could face account takeover. Spotify streaming music aficionados are in the crosshairs of yet another credential-stuffing cyberattack, just three months after the last one. The service has forced password resets for impacted users.

Industrial Networks See Sharp Uptick in Hackable Security Holes

threatpost.com/industrial-networks-hackable-security-holes/163708/ Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks. The report analyzed all publicly disclosed vulnerabilities in ICS networks in the second half of 2020 and found a nearly 33 percent increase in ICS disclosures over 2018, both from organizations like Claroty and from independent researchers.


NCIJTF Releases Ransomware Factsheet

us-cert.cisa.gov/ncas/current-activity/2021/02/05/ncijtf-releases-ransomware-factsheet The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques.
