Daily NCSC-FI news followup 2021-02-07

Hacked by SolarWinds backdoor masterminds, Mimecast now lays off staff after profit surge

www.theregister.com/2021/02/07/in_brief_security/ Plus: British Mensa in data leak blunder, DARPA are Star Wars fans, Sonicwall patch out, and more. Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its workforce amid healthy profits.

Nettirikolliset etsivät LinkedInistä tietoa ja iskevät tietoturvan merkitys ymmärretään vasta, kun vahinko on tapahtunut

www.tivi.fi/uutiset/tv/0301ce3c-13a4-487d-8cc4-5a41d10d7ff8 Poliisi toivoo yrittäjille lisää koulutusta yritysturvallisuudesta. Niin sanottujen toimitusjohtajapetosten rikoshyöty oli viime vuonna ainakin 6, 7 miljoonaa euroa. Poliisi kirjasi niistä yhteensä 414 rikosilmoitusta.

This Flash Player emulator lets you securely play your old games

www.bleepingcomputer.com/news/software/this-flash-player-emulator-lets-you-securely-play-your-old-games/ A Flash Player emulator called ‘Ruffle’ allows you to play your archived Flash games without fear of being attacked as you browse the web.

Barcode Scanner app on Google Play infects 10 million users with one update

blog.malwarebytes.com/android/2021/02/barcode-scanner-app-on-google-play-infects-10-million-users-with-one-update/ After an update in December, Barcode Scanner had gone from an innocent scanner to full on malware! Although Google has already pulled this app, we predict from a cached Google Play webpage that the update occurred on December 4th, 2020.

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

www.bleepingcomputer.com/news/security/fortinet-fixes-critical-vulnerabilities-in-ssl-vpn-and-web-firewall/ Fortinet has fixed multiple severe vulnerabilities impacting its products. The vulnerabilities range from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS) and impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products.

New phishing attack uses Morse code to hide malicious URLs

www.bleepingcomputer.com/news/security/new-phishing-attack-uses-morse-code-to-hide-malicious-urls/ A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment.

Cybersecurity Threats: The Daunting Challenge Of Securing The Internet Of Things


Ziggy ransomware shuts down and releases victims’ decryption keys

www.bleepingcomputer.com/news/security/ziggy-ransomware-shuts-down-and-releases-victims-decryption-keys/ The Ziggy ransomware operation has shut down and released the victims’ decryption keys after concerns about recent law enforcement activity and guilt for encrypting victims.

A Swiss Company Says It Found Weakness That Imperils Encryption

www.bloombergquint.com/onweb/a-swiss-company-says-it-found-weakness-that-imperils-encryption Now, a Swiss technology company says it has made a breakthrough by using quantum computers to uncover vulnerabilities in commonly used encryption. The company believes it’s found a security weakness that could jeopardize the confidentiality of the world’s internet data, banking transactions and emails. The company said that its research found vulnerabilities that affect symmetric encryption ciphers, including the Advanced Encryption Standard, or AES, which is widely used to secure data transmitted over the internet and to encrypt files. Using a method known as quantum annealing, the company said its research found that even the strongest versions of AES encryption may be decipherable by quantum

You might be interested in …

Daily NCSC-FI news followup 2020-02-28

RSAC 2020: Ransomware a National Crisis, CISA Says, Ramps ICS Focus threatpost.com/ransomware-national-crisis-cisa-ics/153322/ Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) this year especially as ransomware looms as a main threat to the sector going forward.. Thats according to Christopher […]

Read More

Daily NCSC-FI news followup 2020-05-17

Who Controls Huawei? [PDF] www.ui.se/globalassets/butiken/ui-paper/2020/ui-paper-no.-5-2020.pdf = EU member states should adopt a unitary interpretation of the toolbox. A complete ban on Huawei from the rollout of European 5G might not be necessary, but the EU and its member states should strive for a significant reduction in Huaweis market share. Putin Is Well on His Way […]

Read More

Daily NCSC-FI news followup 2019-07-28

Who’s Behind the Syrian Electronic Army? – An OSINT Analysis ddanchev.blogspot.com/2019/07/whos-behind-syrian-electronic-army.html Continuing the “FBI Most Wanted Cybercriminals” series I’ve decided to continue providing actionable threat intelligence on some of the most prolific and wanted cybercriminals in the World through the distribution and dissemination of actionable intelligence regarding some of the most prolific and wanted cybercriminals.. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.