Daily NCSC-FI news followup 2021-02-08

Can The FBI Hack Into Private Signal Messages On A Locked iPhone? Evidence Indicates Yes

www.forbes.com/sites/thomasbrewster/2021/02/08/can-the-fbi-can-hack-into-private-signal-messages-on-a-locked-iphone-evidence-indicates-yes/ The FBI appears to have a tool that can access Signal messages, even if a device is locked.

WestRock Ransomware Attack Hinders Packaging Production

threatpost.com/westrock-ransomware-attack/163717/ The ransomware attack, affecting OT systems, resulted in some of WestRock’s facilities lagging in production levels. WestRock, the second-largest packaging company in the U.S., continues to restore its systems two weeks after it discovered it was the victim of a ransomware attack.

Fake Forcepoint Google Chrome Extension Hacks Windows Users

threatpost.com/fake-forcepoint-google-chrome-extension-hacks/163728/ In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to.

Malware Analysis Report (AR21-039A)

us-cert.cisa.gov/ncas/analysis-reports/ar21-039a MAR-10318845-1.v1 – SUNBURST

Malware Analysis Report (AR21-039B)

us-cert.cisa.gov/ncas/analysis-reports/ar21-039b MAR-10320115-1.v1 – TEARDROP

Microsoft: Keep your guard up even after Emotet’s disruption

www.bleepingcomputer.com/news/security/microsoft-keep-your-guard-up-even-after-emotet-s-disruption/ Microsoft warns customers not to let their guard down even after hundreds of Emotet botnet servers were taken down in late January 2021.

Helsinki residents have been offered non-existent COVID-19 vaccination appointments in scam messages

yle.fi/uutiset/3-11778471 Helsinki residents have been offered non-existent coronavirus vaccination appointments by phone or text message, the city says in its press release. According to the city, these are a few isolated cases.

Reduce vulnerabilities by improving security requirements

medium.com/ouspg/reduce-vulnerabilities-by-improving-security-requirements-4054f14e4901 In this post, I discuss how to reduce the likelihood of vulnerabilities when creating software requirements.

Don’t scrape the faces of our citizens for recognition, Canada tells Clearview AI; delete those images

www.theregister.com/2021/02/08/in_brief_ai/ Plus: Check if your Flickr photos are in facial recognition engines and the list of NSFW words for AI. Canada’s privacy watchdog has found Clearview AI in “clear violation” of the country’s privacy laws, and has told the facial-recognition startup to stop scraping images of Canadians and delete all existing photos it has on those citizens.

Court papers reveal: this is how the Vastaamo data breach happened; secret sale price revealed

www.mtvuutiset.fi/artikkeli/oikeuden-paperit-paljastavat-nain-vastaamon-tietomurto-tapahtui-salainen-kauppasumma-paljastui/8055050 The reason for last autumn's massive seizure of nearly 10 million from Ville Tapio, the former CEO of Psychotherapy Centre Vastaamo, is revealed in court papers.

Microsoft to alert Office 365 users of nation-state hacking activity

www.bleepingcomputer.com/news/security/microsoft-to-alert-office-365-users-of-nation-state-hacking-activity/ Microsoft will soon notify Office 365 users of suspected nation-state hacking activity detected within their tenants, according to a new listing on the company’s Microsoft 365 roadmap.

Iran ‘hides spyware in wallpaper, restaurant and games apps’

www.bbc.com/news/technology-55977537 Iran is running two surveillance operations in cyber-space, targeting more than 1,000 dissidents, according to a leading cyber-security company.

Of Kittens and Princes: the latest updates on two Iranian espionage operations


Big jump in RDP attacks as hackers target staff working from home

www.zdnet.com/article/big-jump-in-rdp-attacks-as-hackers-target-staff-working-from-home/ Researchers at ESET detected billions of cyberattacks attempting to take advantage of people working remotely – and cyber criminals aren’t letting up yet.
