Daily NCSC-FI news followup 2021-02-16

France Ties Russia’s Sandworm to a Multiyear Hacking Spree

www.wired.com/story/sandworm-centreon-russia-hack/ A French security agency warns that the destructively minded group has exploited an IT monitoring tool from Centreon. Centreon writes in its statement that “this is not a supply chain type attack and no parallel with other attacks of this type can be made in this case.” In fact, DomainTools’ Slowik says the intrusions instead appear to have been carried out simply by exploiting internet-facing servers running Centreon’s software inside the victims’ networks.

North Korea may have hacked into Pfizer servers looking for COVID data

arstechnica.com/gadgets/2021/02/north-korea-may-have-hacked-into-pfizer-servers-looking-for-covid-data/ South Korea’s NIS warned lawmakers of Russian and North Korean hacking activity.

Beware of COVID19 vaccine scams and misinformation

www.welivesecurity.com/2021/02/16/beware-covid19-vaccine-scams-misinformation/ The vaccination push provides a vital shot in the arm for the world’s battle against the pandemic, but it’s also a topic ripe for exploitation by fraudsters and purveyors of misinformation.

Kia Motors America experiences massive IT outage across the US

www.bleepingcomputer.com/news/security/kia-motors-america-experiences-massive-it-outage-across-the-us/ Kia Motors USA is experiencing a nationwide outage affecting IT servers, self-payment phone services, dealer platforms, and phone support. One Twitter user shared that they could not pick up their car due to a ransomware attack taking down Kia’s systems.

Malvertisers exploited browser zero-day to redirect users to scams

www.bleepingcomputer.com/news/security/malvertisers-exploited-browser-zero-day-to-redirect-users-to-scams/ The ScamClub malvertising group used a zero-day vulnerability in the WebKit web browser engine to push payloads that redirected to gift card scams.

Misconfigured Baby Monitors Allow Unauthorized Viewing

threatpost.com/baby-monitors-unauthorized-viewing/163982/ Hundreds of thousands of individuals are potentially affected by this vulnerability. The issue exists in the manufacturers’ implementation of the Real-Time Streaming Protocol (RTSP), which is a set of procedures used by various cameras to control their streaming media. It’s possible to misconfigure its implementation, so that no authentication is needed for unknown parties to connect, according to the SafetyDetectives cybersecurity team.

How DNS-over-HTTPS (DoH) has Changed the Threat Landscape For Companies

quointelligence.eu/2021/02/dns-over-https-doh/ DNS-over-HTTPS (DoH) protocol is now offered, and in some instances standard, in major Internet browsers. DoH provides the benefit of communicating DNS information over a secure HTTPS connection in an encrypted manner. The protocol offers increased privacy for home users but presents new challenges for enterprise networks and new opportunities for malicious actors. In order to prevent evolving threats from malware authors, organizations should stay updated and follow the latest security recommendations.

Supply chain attacks are on the rise: Check your software build pipeline security

www.zdnet.com/article/supply-chain-attacks-are-on-the-rise-check-your-software-build-pipeline-security/ Defending against supply chain attacks is more than trying to stop the theft of encryption keys to access protected cloud resources.

Record-high number of vulnerabilities reported in 2020

www.welivesecurity.com/2021/02/15/record-breaking-number-vulnerabilities-reported-2020/ High-severity and critical bugs disclosed in 2020 outnumber the sum total of vulnerabilities reported 10 years prior

LähiTapiola let hackers visit its office: a nasty vulnerability was found in a security camera

www.tivi.fi/uutiset/tv/e46db25d-4b6f-459b-96b5-065bc4fced8f The 11th Hack Day was held within the limits of the coronavirus restrictions.

This cybersecurity threat costs business millions. And it’s the one they often forget about

www.zdnet.com/article/this-cybersecurity-threat-costs-business-millions-and-its-the-one-they-often-forget-about/ Phishing emails that dupe users into sending cyber criminals wire transfers is by far the most lucrative form of cybercrime – here’s what you need to know.

DDoS attacks in Q4 2020


Introducing DNS Shotgun

en.blog.nic.cz/2021/02/16/introducing-dns-shotgun/ DNS Shotgun is a benchmarking tool specifically developed for realistic performance testing of DNS resolvers. Its goal is to simulate real clients and their behaviour, including timing of queries and realistic connection management, which are areas where traditional tools are lacking.

Bluetooth Overlay Skimmer That Blocks Chip

krebsonsecurity.com/2021/02/bluetooth-overlay-skimmer-that-blocks-chip/ I was interested to hear from a reader working security for a retail chain in the United States who recently found Bluetooth-enabled skimming devices placed over top of payment card terminals at several stores. Interestingly, these skimmers interfered with the terminal’s ability to read chip-based cards, forcing customers to swipe the stripe instead.
