Daily NCSC-FI news followup 2021-02-08

Can The FBI Hack Into Private Signal Messages On A Locked iPhone? Evidence Indicates Yes

www.forbes.com/sites/thomasbrewster/2021/02/08/can-the-fbi-can-hack-into-private-signal-messages-on-a-locked-iphone-evidence-indicates-yes/ The FBI appears to have a tool that can access Signal messages, even if a device is locked.

WestRock Ransomware Attack Hinders Packaging Production

threatpost.com/westrock-ransomware-attack/163717/ The ransomware attack, affecting OT systems, resulted in some of WestRock’s facilities lagging in production levels. WestRock, the second-largest packaging company in the U.S., continues to restore its systems two weeks after it discovered it was the victim of a ransomware attack.

Fake Forcepoint Google Chrome Extension Hacks Windows Users

threatpost.com/fake-forcepoint-google-chrome-extension-hacks/163728/ In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to.

Malware Analysis Report (AR21-039A)

us-cert.cisa.gov/ncas/analysis-reports/ar21-039a MAR-10318845-1.v1 – SUNBURST

Malware Analysis Report (AR21-039B)

us-cert.cisa.gov/ncas/analysis-reports/ar21-039b MAR-10320115-1.v1 – TEARDROP

Microsoft: Keep your guard up even after Emotet’s disruption

www.bleepingcomputer.com/news/security/microsoft-keep-your-guard-up-even-after-emotet-s-disruption/ Microsoft warns customers not to let their guard down even after hundreds of Emotet botnet servers were taken down in late January 2021.

Helsinki residents have been offered non-existent COVID-19 vaccination appointments in scam messages

yle.fi/uutiset/3-11778471 Helsinki residents have been offered non-existent COVID-19 vaccination appointments by phone or text message, the city says in its press release. According to the city, these are a few isolated cases.

Reduce vulnerabilities by improving security requirements

medium.com/ouspg/reduce-vulnerabilities-by-improving-security-requirements-4054f14e4901 In this post, I discuss how to reduce the likelihood of vulnerabilities when creating software requirements.

Don’t scrape the faces of our citizens for recognition, Canada tells Clearview AI - delete those images

www.theregister.com/2021/02/08/in_brief_ai/ Plus: Check if your Flickr photos are in facial recognition engines, and the list of NSFW words for AI. Canada’s privacy watchdog has found Clearview AI in “clear violation” of the country’s privacy laws, and has told the facial-recognition startup to stop scraping images of Canadians and delete all existing photos it has on those citizens.

Court papers reveal: This is how the Vastaamo data breach happened; secret purchase price revealed

www.mtvuutiset.fi/artikkeli/oikeuden-paperit-paljastavat-nain-vastaamon-tietomurto-tapahtui-salainen-kauppasumma-paljastui/8055050 The reason for last autumn's massive seizure of nearly 10 million from Ville Tapio, former CEO of the psychotherapy centre Vastaamo, is revealed in court papers.

Microsoft to alert Office 365 users of nation-state hacking activity

www.bleepingcomputer.com/news/security/microsoft-to-alert-office-365-users-of-nation-state-hacking-activity/ Microsoft will soon notify Office 365 users of suspected nation-state hacking activity detected within their tenants, according to a new listing on the company’s Microsoft 365 roadmap.

Iran ‘hides spyware in wallpaper, restaurant and games apps’

www.bbc.com/news/technology-55977537 Iran is running two surveillance operations in cyber-space, targeting more than 1,000 dissidents, according to a leading cyber-security company.

Of Kittens and Princes: the latest updates on two Iranian espionage operations


Big jump in RDP attacks as hackers target staff working from home

www.zdnet.com/article/big-jump-in-rdp-attacks-as-hackers-target-staff-working-from-home/ Researchers at ESET detected billions of cyberattacks attempting to take advantage of people working remotely – and cyber criminals aren’t letting up yet.
