Daily NCSC-FI news followup 2021-02-07

Hacked by SolarWinds backdoor masterminds, Mimecast now lays off staff after profit surge

www.theregister.com/2021/02/07/in_brief_security/ Plus: British Mensa in data leak blunder, DARPA are Star Wars fans, Sonicwall patch out, and more. Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its workforce amid healthy profits.

Nettirikolliset etsivät LinkedInistä tietoa ja iskevät tietoturvan merkitys ymmärretään vasta, kun vahinko on tapahtunut

www.tivi.fi/uutiset/tv/0301ce3c-13a4-487d-8cc4-5a41d10d7ff8 Poliisi toivoo yrittäjille lisää koulutusta yritysturvallisuudesta. Niin sanottujen toimitusjohtajapetosten rikoshyöty oli viime vuonna ainakin 6, 7 miljoonaa euroa. Poliisi kirjasi niistä yhteensä 414 rikosilmoitusta.

This Flash Player emulator lets you securely play your old games

www.bleepingcomputer.com/news/software/this-flash-player-emulator-lets-you-securely-play-your-old-games/ A Flash Player emulator called ‘Ruffle’ allows you to play your archived Flash games without fear of being attacked as you browse the web.

Barcode Scanner app on Google Play infects 10 million users with one update

blog.malwarebytes.com/android/2021/02/barcode-scanner-app-on-google-play-infects-10-million-users-with-one-update/ After an update in December, Barcode Scanner had gone from an innocent scanner to full on malware! Although Google has already pulled this app, we predict from a cached Google Play webpage that the update occurred on December 4th, 2020.

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

www.bleepingcomputer.com/news/security/fortinet-fixes-critical-vulnerabilities-in-ssl-vpn-and-web-firewall/ Fortinet has fixed multiple severe vulnerabilities impacting its products. The vulnerabilities range from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS) and impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products.

New phishing attack uses Morse code to hide malicious URLs

www.bleepingcomputer.com/news/security/new-phishing-attack-uses-morse-code-to-hide-malicious-urls/ A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment.

Cybersecurity Threats: The Daunting Challenge Of Securing The Internet Of Things


Ziggy ransomware shuts down and releases victims’ decryption keys

www.bleepingcomputer.com/news/security/ziggy-ransomware-shuts-down-and-releases-victims-decryption-keys/ The Ziggy ransomware operation has shut down and released the victims’ decryption keys after concerns about recent law enforcement activity and guilt for encrypting victims.

A Swiss Company Says It Found Weakness That Imperils Encryption

www.bloombergquint.com/onweb/a-swiss-company-says-it-found-weakness-that-imperils-encryption Now, a Swiss technology company says it has made a breakthrough by using quantum computers to uncover vulnerabilities in commonly used encryption. The company believes it’s found a security weakness that could jeopardize the confidentiality of the world’s internet data, banking transactions and emails. The company said that its research found vulnerabilities that affect symmetric encryption ciphers, including the Advanced Encryption Standard, or AES, which is widely used to secure data transmitted over the internet and to encrypt files. Using a method known as quantum annealing, the company said its research found that even the strongest versions of AES encryption may be decipherable by quantum

You might be interested in …

Daily NCSC-FI news followup 2019-10-21

Verkon myyntisivustolla liikkuu huijariostajia näyttävät myyjälle väärennetyn kuitin tai tiliotteen www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/verkon_myyntisivustolla_liikkuu_huijariostajia_nayttavat_myyjalle_vaarennetyn_kuitin_tai_tiliotteen_85170 Helsingin poliisin tietoon on tullut syksyn aikana samantyyppisiä huijaustapauksia, joissa tavarat ovat vaihtaneet omistajaa Tori.fi-verkkosivuston kautta. Tapauksissa huijarit ovat esittäneet ostotilanteessa myyjälle väärennetyn kuitin tai tiliotteen, joka on tehty pankin demosivustolla. Venäläiset kaappasivat Iranin operaation ja vakoilivat kohteita kymmenissä maissa www.hs.fi/ulkomaat/art-2000006280146.html Turvallisuuspalvelu FSB:hen yhdistetty […]

Read More

Daily NCSC-FI news followup 2020-02-06

Protecting users from insecure downloads in Google Chrome security.googleblog.com/2020/02/protecting-users-from-insecure_6.html Today were announcing that Chrome will gradually ensure that secure (HTTPS) pages only download secure files. In a series of steps outlined below, well start blocking “mixed content downloads” (non-HTTPS downloads started on secure pages). This move follows a plan we announced last year to start […]

Read More

Daily NCSC-FI news followup 2021-05-26

North Korean (LAZARUS) hackers behind CryptoCore multi-million dollar heists www.bleepingcomputer.com/news/security/north-korean-hackers-behind-cryptocore-multi-million-dollar-heists/ Security researchers piecing together evidence from multiple attacks on cryptocurrency exchanges, attributed to a threat actor they named CryptoCore have established a strong connection to the North Korean state-sponsored group Lazarus. Full report as PDF: www.clearskysec.com/wp-content/uploads/2021/05/CryptoCore-Lazarus-Clearsky.pdf Russian Hydra DarkNet Market Made Over $1.3 Billion in […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.