Daily NCSC-FI news followup 2021-03-13

Protecting on-premises Exchange Servers against recent attacks

www.microsoft.com/security/blog/2021/03/12/protecting-on-premises-exchange-servers-against-recent-attacks/ For the past few weeks, Microsoft and others in the security industry have seen an increase in attacks against on-premises Exchange servers. The target of these attacks is a type of email server most often used by small and medium-sized businesses, although larger organizations with on-premises Exchange servers have also been affected. This is now what we consider a broad attack, and the severity of these exploits means protecting your systems is critical. While Microsoft has regular methods for providing tools to update software, this extraordinary situation calls for a heightened approach.

Cyberattack hits Telia: companies' email down for a third day

www.is.fi/digitoday/tietoturva/art-2000007856648.html The email services and calendar of Telia Inmics-Nebula, a hosting and internet services company owned by telecom operator Telia, have been out of service for a third day, and there is no information on how long the outage will continue. The situation affects thousands of business users of the service. Telia's statement:

www.inmicsnebula.fi/fi/tiedotteet/kriittinen-microsoft-exchange-haavoittuvuus-havaittu-telia-inmics-nebulan

Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild

thehackernews.com/2021/03/another-google-chrome-0-day-bug-found.html Google has addressed yet another actively exploited zero-day in Chrome browser, marking the second such fix released by the company within a month. While the update contains a total of five security fixes, the most important flaw rectified by Google concerns a use after free vulnerability in its Blink rendering engine. The bug is tracked as CVE-2021-21193.

Europol Credits Sweeping Arrests to Cracked Sky ECC Comms

threatpost.com/europol-arrests-cracked-sky-ecc/164744/ Europol launched “major interventions” against organized crime on March 9, which it said were made possible by monitoring the encrypted messages of around 70,000 users of the Sky ECC service since mid-February. Sky ECC, which focuses on selling mobile phones with specialized, private communications, denies that the messages on its platform were decrypted. However, sweeping arrests across Belgium, France and the Netherlands reported by Europol, in coordination with those countries’ law-enforcement authorities, seem to indicate otherwise.

Chinese universities connected to known APTs are conducting AI/ML cybersecurity research

therecord.media/chinese-universities-connected-to-known-apts-are-conducting-ai-ml-cybersecurity-research/ At least six major Chinese universities with previous connections to government-backed hacking groups have been conducting research on the intersection of cybersecurity and machine learning. In a paper titled “Academics, AI, and APTs,” the Center for Security and Emerging Technology at Georgetown University warns that the research conducted today in these Chinese universities could soon be integrated into the techniques used by Chinese state-sponsored hackers (APTs). Also (PDF):

cset.georgetown.edu/wp-content/uploads/CSET-Academics-AI-and-APTs.pdf

15-year-old Linux kernel bugs let attackers gain root privileges

www.bleepingcomputer.com/news/security/15-year-old-linux-kernel-bugs-let-attackers-gain-root-privileges/ Three vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. These security bugs can only be exploited locally, which means that potential attackers will have to gain access to vulnerable devices by exploiting another vulnerability or using an alternative attack vector.

Laura Ristimäki's online romance, which began when she was 16, ended well, but there are plenty of other kinds of stories too: a former police officer who worked undercover explains how to recognize a scammer

yle.fi/uutiset/3-11810570 In the emotional rush of infatuation, it is worth asking: what if this were happening to my friend? Would I be happy for them, or would I warn them?
