Something good comes out of the Vastaamo data breach too: a new online service for Finns that you can already test
www.tivi.fi/uutiset/tv/fedd3f89-7853-4b68-b851-a9608706a533 In the first phase, the guidance and services concerning identity theft and data breaches will be gathered on the Suomi.fi site into an easy-to-use path that guides citizens on how to act. This package will be completed in April 2021 in cooperation with the network involved in the project. During the spring, the service will also gain the ability to manage some of the prohibitions filed with the Digital and Population Data Services Agency. These include prohibitions on disclosing data from the Population Information System and prohibitions on filing a change of address (the so-called move block).
A message arrived in the schools' Wilma service last week that the police are now investigating; the same problem lies behind almost every case of misuse, says the software company's CEO
yle.fi/uutiset/3-11816741?origin=rss Two-factor authentication could prevent misuse, but it is not yet in use in all municipalities. The police are investigating a bomb threat sent through the service.
Malaysia Airlines discloses a nine-year-long data breach
www.bleepingcomputer.com/news/security/malaysia-airlines-discloses-a-nine-year-long-data-breach/ According to Malaysia Airlines, the breach occurred at a third-party IT service provider who notified the airline that member data was exposed between March 2010 and June 2019.
ObliqueRAT returns with new campaign using hijacked websites
blog.talosintelligence.com/2021/02/obliquerat-new-campaign.html The usage of compromised websites is another attempt at detection evasion. The adversaries have also introduced steganography as a way to hide the ObliqueRAT payloads in image files. This technique is novel to ObliqueRAT’s distribution chain (not observed in the past).
Microsoft Teams Issues Major Blow To Zoom With Game-Changing New Security Features
www.forbes.com/sites/kateoflahertyuk/2021/03/02/microsoft-teams-issues-major-blow-to-zoom-with-game-changing-new-security-features/ In the first release, customers will have the ability to enable end-to-end encryption (which means no one can access video chats, including Microsoft, and law enforcement) for 1:1 Teams calls for designated users. Microsoft says it is just the beginning of the E2EE work to expand to online meetings soon.
Security design with principles
medium.com/ouspg/security-design-with-principles-a8c045765b93 These ten secure design principles are mostly about avoiding unwanted features in the system. This either means dropping extra functionality altogether or controlling the access to the required functionality. Access control may call for implementing additional security features in your system.
‘It was human error’: Cyberattacks took place but didn’t cause Mumbai power outage, says govt
timesofindia.indiatimes.com/india/2020-mumbai-power-outage-caused-by-human-error-not-cyber-attack-union-power-minister/articleshow/81292545.cms Union power minister RK Singh on Tuesday denied reports that Chinese cyberattacks led to a major power outage in Mumbai last year, saying there is no evidence to connect the grid failure to a hacking attempt.
Malicious NPM packages target Amazon, Slack with new dependency attacks
www.bleepingcomputer.com/news/security/malicious-npm-packages-target-amazon-slack-with-new-dependency-attacks/ While we have seen numerous security researchers impersonate Birsan’s work by creating harmless PoCs to earn bug bounties, we had not seen any malicious activities. That is until today when open-source security firm Sonatype discovered malicious packages targeting applications related to Amazon, Zillow, Lyft, and Slack to steal passwords and open remote shells.
The Hijacking of Perl.com
www.perl.com/article/the-hijacking-of-perl-com/ This part veers into some speculation, and Perl.com wasn’t the only victim. We think that there was a social engineering attack on Network Solutions, including phony documents and so on. There’s no reason for Network Solutions to reveal anything to me (again, I’m not the injured party), but I did talk to other domain owners involved and this is the basic scheme they reported. John Berryhill provided some forensic work in Twitter that showed the compromise actually happened in September. The domain was transferred to the BizCN registrar in December, but the nameservers were not changed. The domain was transferred again in January to another registrar, Key Systems, GmbH. This latency period avoids immediate detection, and bouncing the domain through a couple registrars makes the recovery much harder.
Python Package Index nukes 3,653 malicious libraries uploaded soon after security shortcoming highlighted
www.theregister.com/2021/03/02/python_pypi_purges/ Last month, security researcher Alex Birsan demonstrated how easy it is to take advantage of these systems through a form of typosquatting that exploited the interplay between public and private package registries. The deluge of malicious Python packages over the past week included unauthorized versions of projects like CuPy, an implementation of NumPy-compatible multi-dimensional array on CUDA, Nvidia’s parallel computing platform.
Cyber Attack on the Ministry of Finance of Kosovo
exit.al/en/2021/03/01/cyber-attack-on-the-ministry-of-finance-of-kosovo/ The Ministry of Finance in Kosovo was a target of a cyber attack, Kosovo media reported on Sunday. It was reported that the cyber attack took place in the Tax Department.
Far-Right Platform Gab Has Been Hacked, Including Private Data
www.wired.com/story/gab-hack-data-breach-ddosecrets/ The transparency group DDoSecrets says it will make the 70 GB of passwords, private posts, and more available to researchers, journalists, and social scientists.
Cyber Threats 2020: A Year in Retrospect
www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf In a continuation from 2019, there were several instances of espionage threat actors being linked to financially motivated activity. These dual motivations are likely due to activity being performed for personal gain as opposed to a wider shift in operational objectives. However the variation in activity, in terms of a deviation in expected targeting and tooling, provides extra challenges in both defence and attribution efforts. 2020 also saw a number of hacker-for-hire operations publicly exposed, changing our traditional understanding of espionage activity.
The Norwegian Intelligence Service’s assessment of current security challenges
www.forsvaret.no/aktuelt-og-presse/publikasjoner/fokus/rapporter/Focus2021-english.pdf/_/attachment/inline/450b1ed0-1983-4e6b-bc65-4aa7631aa36f:21c5241a06c489fa1608472c3c8ab855c0ac3511/Focus2021-en… As you will see when you read Focus, the superpowers use a variety of means, and the security challenges span across many sectors, blurring the distinction between state security and public safety. Especially in the cyber domain, the means are used continuously, adapted to the situation and the level of tension. This emphasises the need for close cooperation between Norway’s secret services, police, defence and other authorities
news.sophos.com/en-us/2021/03/01/gootloader-expands-its-payload-delivery-options/ To accomplish this phase of the attack, the operators of Gootloader must maintain a network of servers hosting hacked, legitimate websites (we estimate roughly 400 such servers are in operation at any given time). The example shown above belongs to a legitimate business, a neonatal medical practice based in Canada. … Google itself indicates the result is not an ad, and they have known about the site for nearly seven years. To the end user, the entire thing looks on the up-and-up. In our experience, many of these hacked sites serving the fake message board are running a well-known content management system, to which the threat actors make modifications that subtly rewrite how the contents of the website are presented to certain visitors, based on characteristics of the individual visitors (including how they arrive on the hacked site).
Cybercrime ‘Help Wanted’: Job Hunting on the Dark Web
www.darkreading.com/theedge/cybercrime-help-wanted-job-hunting-on-the-dark-web/b/d-id/1340265 Yes, there are “criminal job boards” in the traditional sense on the Dark Web. The Edge spoke with several security researchers, including the Photon Research Team at Digital Shadows, about the growing number of English- and Russian-language Dark Web forums that feature job boards with specific sections dedicated to the topic of recruitment and the skills required.