Daily NCSC-FI news followup 2021-02-06

Google fixes Chrome zero-day actively exploited in the wild

www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users.

Eletrobras, Copel energy companies hit by ransomware attacks

www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/ Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil have announced that they suffered ransomware attacks over the past week.

Microsoft warns of increasing OAuth Office 365 phishing attacks

www.bleepingcomputer.com/news/security/microsoft-warns-of-increasing-oauth-office-365-phishing-attacks/ Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned.

SitePoint discloses data breach after stolen info used in attacks

www.bleepingcomputer.com/news/security/sitepoint-discloses-data-breach-after-stolen-info-used-in-attacks/ The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum.

Launching OSV – Better vulnerability triage for open source

security.googleblog.com/2021/02/launching-osv-better-vulnerability.html We are excited to launch OSV (Open Source Vulnerabilities), our first step towards improving vulnerability triage for developers and consumers of open source software. The goal of OSV is to provide precise data on where a vulnerability was introduced and where it got fixed, thereby helping consumers of open source software accurately identify if they are impacted and then make security fixes as . quickly as possible.

Näin toimii Suomessa nähty kiero verkkopankkihuijaus tunnusluvulla suojautuminen ei auta, uhri hyväksyy itse rahasiirron

www.is.fi/digitoday/tietoturva/art-2000007784669.html Mies välissä- eli väliintulohyökkäyksellä pankkitili voidaan tyhjentää, vaikka käytössä on tunnuslukulaite tai -sovellus.

The Great Suspender Chrome extension’s fall from grace

www.bleepingcomputer.com/news/software/the-great-suspender-chrome-extensions-fall-from-grace/ Google has forcibly uninstalled the immensely popular ‘The Great Suspender’ extension from Google Chrome and classified it as malware.

Mozilla fixes Windows 10 NTFS corruption bug in Firefox

www.bleepingcomputer.com/news/software/mozilla-fixes-windows-10-ntfs-corruption-bug-in-firefox/ Mozilla has released Firefox 85.0.1 and includes a fix that prevents a Windows 10 NTFS corruption bug from being triggered from the browser.

Hackers post detailed patient medical records from two hospitals to the dark web

www.nbcnews.com/tech/security/hackers-post-detailed-patient-medical-records-two-hospitals-dark-web-n1256887 The files, which number in at least the tens of thousands, includes patients personal identifying information.

They Stormed the Capitol. Their Apps Tracked Them.

www.nytimes.com/2021/02/05/opinion/capitol-attack-cellphone-data.html Times Opinion was able to identify individuals from a trove of leaked smartphone location data.

Microsoft delays disabling Basic Authentication for several Exchange Online protocols ‘until further notice’

www.theregister.com/2021/02/05/exchange_online_basic_authentication/ Insists ‘We’re not backtracking’ as tenants given longer to move to something more secure. Microsoft has shifted gears on plans to disable Basic Authentication for five Exchange Online protocols this year, provided your tenant is actually using them.

Spotify Suffers Second Credential-Stuffing Cyberattack in 3 Months

threatpost.com/spotify-credential-stuffing-cyberattack/163672/ As many as 100,000 of the music streaming services customers could face account takeover.. Spotify streaming music aficionados are in the crosshairs of yet another credential-stuffing cyberattack, just three months after the last one. The service has forced password resets for impacted users.

Industrial Networks See Sharp Uptick in Hackable Security Holes

threatpost.com/industrial-networks-hackable-security-holes/163708/ Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks.. The report analyzed all publicly disclosed vulnerabilities in ICS networks in the second half of 2020 and found a nearly 33 percent increase in ICS disclosures over 2018, both from organizations like Claroty and from independent researchers.. Report:


NCIJTF Releases Ransomware Factsheet

us-cert.cisa.gov/ncas/current-activity/2021/02/05/ncijtf-releases-ransomware-factsheet The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques.

You might be interested in …

Daily NCSC-FI news followup 2019-11-01

Safe downloading habits: What to teach your kids www.welivesecurity.com/2019/11/01/safe-downloading-habits-teach-kids/ Even if you are careful about what you click and download, chances are your children will be less cautious. Heres how you can help them and your entire family stay safe. Life without the internet is rather difficult to fathom, and particularly for children the online […]

Read More

Daily NCSC-FI news followup 2020-10-26

Apua ja neuvoja tietovuodon uhreille tietovuotoapu.fi/fi/ Tietovuotoapu-sivustolta löydät kootusti viranomaisten ja avustusjärjestöjen ohjeita tietovuodon uhreille. Sivustoa päivitetään jatkuvasti. Mitä tehdä, jos törmää vuodettuun materiaaliin? Tietojen käsittelemisestä voi saada jopa vuoden vankeusrangaistuksen yle.fi/uutiset/3-11613689 Jos netissä törmää vuodettuun, haitalliseen sisältöön, siitä tulisi ilmoittaa Kyberturvallisuuskeskukseen tai poliisille. Moni miettii nyt, onko oma tietoturva ajan tasalla asiantuntija kertoo viisi […]

Read More

Daily NCSC-FI news followup 2021-04-02

FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities us-cert.cisa.gov/ncas/current-activity/2021/04/02/fbi-cisa-joint-advisory-exploitation-fortinet-fortios The Federal Bureau of Investigation (FBI) and CISA have released a Joint Cybersecurity Advisory (CSA) to warn users and administrators of the likelihood that advanced persistent threat (APT) actors are actively exploiting known Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. FBI and CISA warn of […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.