Daily NCSC-FI news followup 2021-02-15

Sandworm intrusion set campaign targeting Centreon systems

www.cert.ssi.gouv.fr/cti/CERTFR-2021-CTI-005/ ANSSI has been informed of an intrusion campaign targeting the monitoring software Centreon distributed by the French company CENTREON which resulted in the breach of several French entities.. see full report

www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf

Microsoft: SolarWinds attack took more than 1,000 engineers to create

www.zdnet.com/article/microsoft-solarwinds-attack-took-more-than-1000-engineers-to-create/ The months-long hacking campaign that affected US government agencies and cybersecurity vendors was “the largest and most sophisticated attack the world has ever seen,” Microsoft president Brad Smith has said, and involved a vast number of developers.. Microsoft, which was also breached by the bad Orion update, assigned 500 engineers to investigate the attack said Smith, but the (most likely Russia-backed) team behind the attack had more than double the engineering resources.

Oululainen Kati sai huonolla hetkellä tulleesta tekstarista 630 euron laskun sitten puhelimeen kilahti 10 sekunnissa satoja viestejä

www.is.fi/digitoday/tietoturva/art-2000007799834.html 630 euron lasku syntyi hetkessä huijausviestin osuttua todella uskottavaan saumaan.

Valkohattuhakkeri paljasti suomalaisten suosimat salasanat älä missään nimessä käytä mitään tältä listalta

www.is.fi/digitoday/tietoturva/art-2000007804375.html Suomalaisten salasanat ovat saaneet kansainvälistä väriä kahdessa vuodessa.

270 addresses are responsible for 55% of all cryptocurrency money laundering

www.zdnet.com/article/270-addresses-are-responsible-for-55-of-all-cryptocurrency-money-laundering/ Most cryptocurrency money laundering is concentrated in a few online services, opening the door for law enforcement actions.

Google Chrome, Microsoft Edge getting this Intel security feature

www.bleepingcomputer.com/news/security/google-chrome-microsoft-edge-getting-this-intel-security-feature/ Chromium-based browsers such as Microsoft Edge and Google Chrome will soon support the Intel CET security feature to prevent a wide range of vulnerabilities.

22-vuotias kiukustui asumisyksikön sääntöihin tilasi nettihyökkäyksen ja jumitti järjestelmän

www.is.fi/digitoday/tietoturva/art-2000007804798.html Vastaajan mielestä asumisyksikkö rajoitti kavereiden menemisiä liikaa.

Microsoft will alert Office 365 admins of Forms phishing attempts

www.bleepingcomputer.com/news/security/microsoft-will-alert-office-365-admins-of-forms-phishing-attempts/ Microsoft is adding new security warnings to the Security and Compliance Center (SCC) default alert policies to inform IT admins of detected phishing attempts abusing Microsoft Forms in their tenants.

Spam and phishing in 2020

securelist.com/spam-and-phishing-in-2020/100512/

The weirdest hacking techniques youve never heard of

www.pandasecurity.com/en/mediacenter/mobile-news/weirdest-hacking-techniques/

You might be interested in …

Daily NCSC-FI news followup 2021-01-12

Going Rogue a Mastermind Behind Android Malware Returns with a New RAT blog.checkpoint.com/2021/01/12/going-rogue-a-mastermind-behind-android-malware-returns-with-a-new-rat/ Now more than ever, we rely on our smartphones to keep in touch with our work, our families and the world around us. There are over 3.5 billion smartphone users worldwide, and it is estimated that over 85% of those devices around […]

Read More

Daily NCSC-FI news followup 2019-12-28

U.S. Coast Guard Says Ryuk Ransomware Took Down Maritime Facility www.bleepingcomputer.com/news/security/us-coast-guard-says-ryuk-ransomware-took-down-maritime-facility/ The systems encrypted by Ryuk Ransomware directly impacted the facility’s “entire corporate IT network (beyond the footprint of the facility)” [emphasis ours] and physical access and camera control systems, and it also led to “loss of critical process control monitoring systems.” Ransomware Hits Maastricht […]

Read More

Daily NCSC-FI news followup 2021-02-12

Tori.fissä kaksi kieroa huijausta varo tällaisia yhteydenottoja www.is.fi/digitoday/tietoturva/art-2000007799557.html Meneillään on kaksi erilaista huijauskampanjaa. Tori.fi antaa kolme turvavinkkiä. After hackers blackmailed their clients, Finnish therapy firm declares bankruptcy hotforsecurity.bitdefender.com/blog/after-hackers-blackmailed-their-clients-finnish-therapy-firm-declares-bankruptcy-25313.html Vastaamo, the Finnish psychotherapy practice that covered up a horrific security breach which resulted in patients receiving blackmail threats, has declared itself bankrupt.. According to data collected […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.