Daily NCSC-FI news followup 2021-02-11

Port 3306 on Vastaamo's server was open to the internet for 1.5 years and the extortion began as early as 2018: the publicity disaster was delayed until the very last moment

www.is.fi/digitoday/tietoturva/art-2000007794906.html Vastaamo's first extortion attempt may have been a "scattershot" try in which the intruder did not know what they had in their hands. The theft of Vastaamo's customer database was caused by a network port left open on the server, which stayed open for 1.5 years.

Lookout Discovers Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict

blog.lookout.com/lookout-discovers-novel-confucius-apt-android-spyware-linked-to-india-pakistan-conflict The Lookout Threat Intelligence team has discovered two novel Android surveillanceware: Hornbill and SunBird. We believe with high confidence that these surveillance tools are used by the advanced persistent threat group (APT) Confucius, which first appeared in 2013 as a state-sponsored, pro-India actor primarily pursuing Pakistani and other South Asian targets.

Military, Nuclear Entities Under Target By Novel Android Malware

threatpost.com/military-nuclear-entities-under-target-by-novel-android-malware/163830/ The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.

Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies

thehackernews.com/2021/02/iranian-hackers-utilize-screenconnect.html UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research.

Breached water plant employees used the same TeamViewer password and no firewall

arstechnica.com/information-technology/2021/02/breached-water-plant-employees-used-the-same-teamviewer-password-and-no-firewall/ Shortcomings illustrate the lack of security rigor in critical infrastructure environments.

Brazilian authorities start probe as 102 million consumers are exposed in new leak

www.zdnet.com/article/brazilian-authorities-start-probe-as-102-million-consumers-are-exposed-in-new-leak/ The National Data Protection Authority is investigating the country’s second largest data protection incident of 2021. Brazil’s National Data Protection Authority (ANPD, in the Portuguese acronym) has informed today (11) that it has started an investigation into the country’s second largest data leak of the year.

Singtel, QIMR Berghofer report Accellion-related data breaches

www.bleepingcomputer.com/news/security/singtel-qimr-berghofer-report-accellion-related-data-breaches/ Singtel and the QIMR Berghofer Medical Research Institute are the latest companies to disclose data breaches caused by a vulnerability in the Accellion FTA secure file transfer software.

Hackers ask only $1,500 for access to breached company networks

www.bleepingcomputer.com/news/security/hackers-ask-only-1-500-for-access-to-breached-company-networks/ The number of offers for network access and their median prices on the public posts on hacker forums dropped in the final quarter of last year but the statistics fail to reflect the real size of the initial access market.

VMware very strongly suggests TPM for all servers in tightened vSphere security guide

www.theregister.com/2021/02/11/new_vsphere_7_security_guidance/ Upgrades to version 7.0 are going to require your full attention, especially if you’re fond of VGA output

Nasty bug found in Slack: Android users urged to change their passwords

www.tivi.fi/uutiset/tv/f3b922cf-481a-4437-9ed6-d9822ff5031b Slack has sent an email to those users whose passwords may have been compromised. Around the turn of the year a bug slipped into the messaging app Slack, as a result of which some Android users' passwords were stored in the app in plaintext for a month (21 December to 21 January). In theory, it would therefore have been possible for other apps installed on the device to gain access to the Slack passwords.

Microsoft releases emergency fix for Windows 10 WiFi crashes

www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-fix-for-windows-10-wifi-crashes/ Microsoft has released an emergency KB5001028 out-of-band update to fix a bug causing Windows 10 to crash when connecting to WPA3 Wi-Fi networks.

Internet Explorer 11 zero-day vulnerability gets a free micropatch

www.bleepingcomputer.com/news/security/internet-explorer-11-zero-day-vulnerability-gets-a-free-micropatch/ An Internet Explorer 11 zero-day vulnerability used against security researchers, not yet fixed by Microsoft, today received a micropatch that prevents exploitation.
