Daily NCSC-FI news followup 2021-03-30

Don't stay silent: 7 reasons why online crimes are worth reporting to the police

www.is.fi/digitoday/tietoturva/art-2000007889042.html Cybercrimes should be reported to the police, says the new guide Kyberrikollisuus on poliisiasia ("Cybercrime is a police matter"). A large share of cybercrimes goes unreported to the police. The main reasons for this are hesitation to start the process, for example for fear of negative publicity; fear of one's own mistakes being exposed; and the weighing of benefits and harms, which includes, among other things, the belief that the criminal is unlikely to be caught.

Attack landscape update: Ransomware 2.0, automated recon, and supply chain attacks

blog.f-secure.com/attack-landscape-update-h1-2021/ Data-stealing ransomware attacks, information harvesting malware, and supply chain attacks are some of the critical threats facing organizations highlighted in F-Secure’s latest attack landscape update.

Fileless Malware Attacks Surge by 900% and Cryptominers Make a Comeback

www.pandasecurity.com/en/mediacenter/news/internet-security-report-q4-watchguard/ Among its most notable findings, the report reveals that fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019.

PYSA, the ransomware attacking schools

blog.malwarebytes.com/threat-spotlight/2021/03/pysa-the-ransomware-attacking-schools/ The education sector’s cybersecurity problem has compounded in the last few months. A recent warning from the FBI, in mid-March, put schools in the US and UK on notice of increased attacks from the threat actors behind the PYSA ransomware.

Whistleblower: Ubiquiti Breach “Catastrophic”

krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ Ubiquiti Inc., a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras, disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication.

Unfair exchange: ransomware attacks surge globally amid Microsoft Exchange Server vulnerabilities

blog.checkpoint.com/2021/03/30/unfair-exchange-ransomware-attacks-surge-globally-amid-microsoft-exchange-server-vulnerabilities/ Over the past year, hospitals and the healthcare industry have been under tremendous pressure during the COVID-19 pandemic, not only dealing with surges in patient numbers, but also with shameless ransomware attacks. It now seems that criminals are shifting their attention to new targets, because they sense even easier opportunities for their extortion tactics.

Akamai Sees Largest DDoS Extortion Attack Known to Date

www.securityweek.com/akamai-sees-largest-ddos-extortion-attack-known-date Distributed denial of service (DDoS) attacks are growing bigger in volume, and they have also become more targeted and increasingly persistent, according to web security services provider Akamai. The most recent extortion attack, peaking at more than 800 Gbps and targeting a European gambling company, was the biggest and most complex we’ve seen since the widespread return of extortion attacks that kicked off in mid-August 2020.

New Security Signals study shows firmware attacks on the rise; here’s how Microsoft is working to help eliminate this entire class of threats

www.microsoft.com/security/blog/2021/03/30/new-security-signals-study-shows-firmware-attacks-on-the-rise-heres-how-microsoft-is-working-to-help-eliminate-this-entire-class-of-threats/ Recently, Microsoft commissioned a study that showed how attacks against firmware are outpacing investments targeted at stopping them. The March 2021 Security Signals report showed that more than 80% of enterprises have experienced at least one firmware attack in the past two years, but only 29% of security budgets are allocated to protect firmware.

APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign

securelist.com/apt10-sophisticated-multi-layered-loader-ecipekac-discovered-in-a41apt-campaign/101519/ In 2019, we observed an APT campaign targeting multiple industries, including the Japanese manufacturing industry and its overseas operations, that was designed to steal information. A41APT is a long-running campaign with activities detected from March 2019 to the end of December 2020. Most of the discovered malware families are fileless malware and they have not been seen before.
