Daily NCSC-FI news followup 2021-02-21

Experian challenged over massive data leak in Brazil

www.zdnet.com/article/experian-challenged-over-massive-data-leak-in-brazil Consumer rights body criticizes explanations from the credit bureau in relation to the data exposure of over 220 million citizens. After receiving feedback from Experian over a massive data leak in Brazil, São Paulo state consumer rights foundation Procon described the company’s explanations as “insufficient” and said it is likely that the incident was initiated in a corporate environment.

Kroger data breach exposes pharmacy and employee data

www.bleepingcomputer.com/news/security/kroger-data-breach-exposes-pharmacy-and-employee-data/ Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files. Kroger is one of the largest retailers in the world, with almost 2, 800 stores in 35 states. Kroger employs approximately 500, 000 people and had over $122 billion in sales for 2019.

IronNetInjector: Turla’s New Malware Loading Tool

unit42.paloaltonetworks.com/ironnetinjector/ In recent years, more and more ready-made malware is released on software development hosting sites available for everybody to use including threat actors. This not only saves the bad guys development time, but also makes it much easier for them to find new ideas to prevent detection of their malware. Unit 42 researchers have found several malicious IronPython scripts whose purpose is to load and run Turla’s malware tools on a victim’s system. The use of IronPython for malicious purposes isn’t new, but the way Turla uses it is new. The overall method is known as Bring Your Own Interpreter (BYOI).

Warning: Google Alerts abused to push fake Adobe Flash updater

www.bleepingcomputer.com/news/security/warning-google-alerts-abused-to-push-fake-adobe-flash-updater/ Threat actors are using Google Alerts to promote a fake Adobe Flash Player updater that installs other unwanted programs on unsuspecting users’ computers. The threat actors create fake stories with titles containing popular keywords that Google Search then indexes. Once indexed, Google Alerts will alert people who are following those keywords.

You might be interested in …

Daily NCSC-FI news followup 2020-08-29

Emotet malware’s new ‘Red Dawn’ attachment is just as dangerous www.bleepingcomputer.com/news/security/emotet-malwares-new-red-dawn-attachment-is-just-as-dangerous/ The Emotet botnet has begun to use a new template for their malicious attachments, and it is just as dangerous as ever. After a five-month “vacation, ” the Emotet malware returned in July 2020 and began to spew massive amounts of malicious spam worldwide. […]

Read More

Daily NCSC-FI news followup 2019-12-07

The Week in Ransomware – December 6th 2019 – ‘We have seen better days’ www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-6th-2019-we-have-seen-better-days/ With this article we are bringing you the latest ransomware news that occurred over the past two weeks. The news is a still a little light due to some of us taking vacations, but we should be back up to […]

Read More

Daily NCSC-FI news followup 2020-12-19

Tietoturva NYT! – SolarWinds Orion Platformin takaovi mahdollisti vakoilun ja tietomurtoja www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/solarwinds-orion-platformin-takaovi-mahdollisti-vakoilun-ja-tietomurtoja SolarWinds Orion Platform -hallintatyökaluun lisätty takaovi on merkittävä tietoturvatapaus. Tietomurron ja vakoilun mahdollistanut takaovi onnistuttiin levittämään tuhansiin organisaatioihin. Työkalun haavoittuvaa versiota käyttävien organisaatioiden pyydetään olemaan yhteydessä Kyberturvallisuuskeskukseen. Lue myös: yle.fi/uutiset/3-11707606 Google OAuth incident – 14.12.2020 status.cloud.google.com/incident/zall/20013 On Monday 14 December, 2020, for a […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.