Daily NCSC-FI news followup 2021-03-26

German Parliament targeted again by Russian state hackers

www.bleepingcomputer.com/news/security/german-parliament-targeted-again-by-russian-state-hackers/ It is believed that the attackers were able to gain access to the email accounts of seven members of the German federal parliament (Bundestag) and 31 members of German regional parliaments. “The Ghostwriter campaign leverages traditional cyber threat activity and information operations tactics to promote narratives intended to chip away at NATO’s cohesion and undermine local support for the organization in Lithuania, Latvia, and Poland,” FireEye said.

Cybercrime is a police matter: new guide advises companies in cybercrime situations

www.epressi.com/tiedotteet/turvallisuus/kyberrikollisuus-on-poliisiasia-uusi-opas-neuvoo-yrityksia-kyberrikostilanteissa.html Cybercrimes can cause serious disruption to a company's operations and significant financial damage. Falling victim to a cybercrime is nothing to be ashamed of.

SolarWinds patches critical code execution bug in Orion Platform

www.bleepingcomputer.com/news/security/solarwinds-patches-critical-code-execution-bug-in-orion-platform/

Apple fixes iOS zero-day vulnerability exploited in the wild

www.bleepingcomputer.com/news/security/apple-fixes-ios-zero-day-vulnerability-exploited-in-the-wild/ Apple has released security updates to address an iOS zero-day bug actively exploited in the wild and affecting iPhone, iPad, iPod, and Apple Watch devices. The zero-day was discovered in the WebKit browser engine and allows attackers to launch universal cross-site scripting attacks after tricking targets into opening maliciously crafted web content on their devices.

Insurance Giant CNA Hit with Novel Ransomware Attack

threatpost.com/cna-hit-novel-ransomware/165044/ The incident, which forced the company to disconnect its systems, caused significant business disruption. The attack occurred earlier this week and leveraged a new variant of the Phoenix CryptoLocker malware.

Hades ransomware operators are hunting big game in the US

www.zdnet.com/article/hades-ransomware-operators-are-hunting-big-game-in-the-us/ Accenture says that the threat actors are focused on hunting organizations that generate at least $1 billion in annual revenue. See also:

www.accenture.com/us-en/blogs/cyber-defense/unknown-threat-group-using-hades-ransomware

New Advanced Android Malware Posing as “System Update”

blog.zimperium.com/new-advanced-android-malware-posing-as-system-update/ The new malware disguises itself as a System Update application and steals data, messages, and images while taking control of Android phones. Once in control, hackers can record audio and phone calls, take photos, review browser history, access WhatsApp messages, and more.
