Daily NCSC-FI news followup 2021-02-10

Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7

www.zdnet.com/article/following-oldsmar-attack-fbi-warns-about-using-teamviewer-and-windows-7/ An FBI alert sent on Tuesday warns companies about the use of out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer.

French MNH health insurance company hit by RansomExx ransomware

www.bleepingcomputer.com/news/security/french-mnh-health-insurance-company-hit-by-ransomexx-ransomware/ French health insurance company Mutuelle Nationale des Hospitaliers (MNH) has suffered a ransomware attack that has severely disrupted the company’s operations.

North Korean attacks on crypto exchanges reportedly netted $316m in two years

www.theregister.com/2021/02/10/north_korea_cryptocurrency/ United Nations sanctions made silly by sloppy security. North Korean attacks on crypto exchanges reportedly netted an estimated $316m in cryptocurrency in 2019 and 2020, according to a report by Japan’s Nikkei.

Adobe patches wave of critical bugs in Magento, Acrobat, Reader

www.zdnet.com/article/adobe-patches-wave-of-critical-bugs-in-magento-acrobat-reader/ Some of the vulnerabilities were reported through a hacking contest.

Hybrid, Older Users Most-Targeted by Gmail Attackers

threatpost.com/hybrid-older-users-gmail-attackers/163826/ Researchers at Google and Stanford analyzed a 1.2 billion malicious emails to find out what makes users likely to get attacked. 2FA wasn’t a big factor.

SIM hijackers arrested after stealing millions from US celebrities

www.bleepingcomputer.com/news/security/sim-hijackers-arrested-after-stealing-millions-from-us-celebrities/ Ten men part of a criminal gang involved in series of SIM swapping attacks targeting high-profile victims in the United States were arrested in the UK, Malta, and Belgium.

Microsoft now forces secure RPC to block Windows Zerologon attacks

www.bleepingcomputer.com/news/security/microsoft-now-forces-secure-rpc-to-block-windows-zerologon-attacks/ Microsoft has enabled enforcement mode for updates addressing the Windows Zerologon vulnerability on all devices that installed this month’s Patch Tuesday security updates.

Daily NCSC-FI news followup 2020-06-19

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy krebsonsecurity.com/2020/06/fema-it-specialist-charged-in-id-theft-tax-refund-fraud-conspiracy/ An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and […]

Daily NCSC-FI news followup 2021-03-27

Google’s top security teams unilaterally shut down a counterterrorism operation www.technologyreview.com/2021/03/26/1021318/google-security-shut-down-counter-terrorist-us-ally/ Google’s Project Zero and Threat Analysis Group teams found the hacking group exploiting 11 zero-day vulnerabilities in just nine months, a high number of exploits over a short period. Software that was attacked included the Safari browser on iPhones but also many Google products, […]

Daily NCSC-FI news followup 2019-08-22

TechCrunch: T-Mobile hit by hours-long nationwide outage techcrunch.com/2019/08/21/t-mobile-outage/ Viranomaissivustot toimivat taas, iltapäivän palvelunestohyökkäys ohi “Palvelunestohyökkääjä löytänyt aivan uudenlaisen tavan päästä läpi” yle.fi/uutiset/3-10934147 Palvelunestohyökkäys kohdistui muun muassa poliisin ja hätäkeskuksen verkkopalveluihin. Fonectalla laaja tietovuoto: Tavallisella käyttäjätunnuksella on päässyt käsiksi ainakin 150 000 ihmisen arkaluontoisiin henkilötietoihin www.hs.fi/kotimaa/art-2000006212884.html Yrityksille ja järjestöille tarkoitetussa asiakasrekisteripalvelussa yksi tavallisen käyttäjätunnuksen omistaja on […]