Daily NCSC-FI news followup 2021-02-11

Port 3306 on Vastaamo's server was open to the internet for 1.5 years and the extortion began as early as 2018; the publicity disaster was delayed until the very last moment

www.is.fi/digitoday/tietoturva/art-2000007794906.html Vastaamo's first extortion attempt may have been a "scattershot" attack in which the intruder did not know what they had in their hands. The theft of Vastaamo's customer database was caused by a network port left open on the server, which stayed open for 1.5 years.

Lookout Discovers Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict

blog.lookout.com/lookout-discovers-novel-confucius-apt-android-spyware-linked-to-india-pakistan-conflict The Lookout Threat Intelligence team has discovered two novel Android surveillanceware Hornbill and SunBird. We believe with high confidence that these surveillance tools are used by the advanced persistent threat group (APT) Confucius, which first appeared in 2013 as a state-sponsored, pro-India actor primarily pursuing Pakistani and other South Asian targets.

Military, Nuclear Entities Under Target By Novel Android Malware

threatpost.com/military-nuclear-entities-under-target-by-novel-android-malware/163830/ The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.

Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies

thehackernews.com/2021/02/iranian-hackers-utilize-screenconnect.html UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research.

Breached water plant employees used the same TeamViewer password and no firewall

arstechnica.com/information-technology/2021/02/breached-water-plant-employees-used-the-same-teamviewer-password-and-no-firewall/ Shortcomings illustrate the lack of security rigor in critical infrastructure environments.

Brazilian authorities start probe as 102 million consumers are exposed in new leak

www.zdnet.com/article/brazilian-authorities-start-probe-as-102-million-consumers-are-exposed-in-new-leak/ The National Data Protection Authority is investigating the country’s second largest data protection incident of 2021. Brazil’s National Data Protection Authority (ANPD, in the Portuguese acronym) has informed today (11) that it has started an investigation into the country’s second largest data leak of the year.

Singtel, QIMR Berghofer report Accellion-related data breaches

www.bleepingcomputer.com/news/security/singtel-qimr-berghofer-report-accellion-related-data-breaches/ Singtel and the QIMR Berghofer Medical Research Institute are the latest companies to disclose data breaches caused by a vulnerability in the Accellion FTA secure file transfer software.

Hackers ask only $1,500 for access to breached company networks

www.bleepingcomputer.com/news/security/hackers-ask-only-1-500-for-access-to-breached-company-networks/ The number of offers for network access and their median prices on the public posts on hacker forums dropped in the final quarter of last year but the statistics fail to reflect the real size of the initial access market.

VMware very strongly suggests TPM for all servers in tightened vSphere security guide

www.theregister.com/2021/02/11/new_vsphere_7_security_guidance/ Upgrades to version 7.0 are going to require your full attention, especially if you’re fond of VGA output

Nasty bug revealed in Slack: Android users urged to change their passwords

www.tivi.fi/uutiset/tv/f3b922cf-481a-4437-9ed6-d9822ff5031b Slack has sent an email to those users whose passwords may have been compromised. Around the turn of the year a bug slipped into the messaging app Slack, because of which the passwords of some Android users were stored in the app in plaintext for a month (21.12. to 21.1.). In theory it would therefore have been possible for other apps installed on the device to gain access to Slack passwords.

Microsoft releases emergency fix for Windows 10 WiFi crashes

www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-fix-for-windows-10-wifi-crashes/ Microsoft has released an emergency KB5001028 out-of-band update to fix a bug causing Windows 10 to crash when connecting to WPA3 Wi-Fi networks.

Internet Explorer 11 zero-day vulnerability gets a free micropatch

www.bleepingcomputer.com/news/security/internet-explorer-11-zero-day-vulnerability-gets-a-free-micropatch/ An Internet Explorer 11 zero-day vulnerability used against security researchers, not yet fixed by Microsoft, today received a micropatch that prevents exploitation.
