Daily NCSC-FI news followup 2021-04-05

Supply chain attacks: what we know about the SolarWinds ‘Sunburst’ exploit, and why it still matters

blog.checkpoint.com/2021/04/05/supply-chain-attacks-what-we-know-about-the-solarwinds-sunburst-exploit-and-why-it-still-matters/ In a press conference, more than 2 months after the incident, the U.S. deputy national security advisor said that investigators were still in the “beginning stages” of understanding the scope and scale of the attack. What makes the SolarWinds hack particularly dangerous is that it leveraged cloud-based services to orchestrate a supply-chain attack. Because access to those services was obtained via authentication systems based on already-compromised networks, the attackers were able to breach companies’ defences without raising any alarms. To prevent future attacks, organizations need to ensure that they employ the basic core security practices of endpoint protection, email security, least-privilege access and network segmentation across their infrastructure, to make it harder for adversaries to infiltrate networks and move laterally within the organization to access critical assets.

Ransomware: A company paid millions to get their data back, but forgot to do one thing. So the hackers came back again

www.zdnet.com/article/ransomware-this-is-the-first-thing-you-should-think-about-if-you-fall-victim-to-an-attack The unnamed company fell victim to a ransomware attack and paid millions in bitcoin in order to restore the network and retrieve the files. However, the company just left it at that, failing to analyse how cyber criminals infiltrated the network, something that came back to haunt them when the same ransomware gang infected the network with the same ransomware less than two weeks later. The company ended up paying a ransom a second time.

Ubiquiti All But Confirms Breach Response Iniquity

krebsonsecurity.com/2021/04/ubiquiti-all-but-confirms-breach-response-iniquity/ For four days this past week, Internet-of-Things giant Ubiquiti did not respond to requests for comment on a whistleblower’s allegations the company had massively downplayed a “catastrophic” two-month breach ending in January to save its stock price, and that Ubiquiti’s insinuation that a third-party was to blame was a fabrication. The whistleblower, “Adam,” spoke on condition of anonymity for fear of reprisals from Ubiquiti. Adam said the place where those key administrator credentials were compromised, Ubiquiti’s presence on Amazon’s Web Services (AWS) cloud services, was in fact the “third party” blamed for the hack.

A Linux distribution that suits anyone: this is Mageia 8

www.tivi.fi/uutiset/tv/00c16e4c-745e-427f-a0fa-437995b79396 For many, Mageia is quite a new acquaintance and a pleasant surprise. It is an operating system that suits Linux beginners and power users alike. Mageia is built on the ruins of the classic Mandriva. It is not a house of cards swaying on its foundations, but a genuinely original Linux distro that surprises with its smooth operation and beautiful appearance.

Google restricts app permissions: using the feature will in future require a precise justification

www.tivi.fi/uutiset/tv/035e0cd3-8bfb-40f6-831c-eb937a34d4df Apps downloaded from the Play Store will in future need a very good reason to inspect other downloaded apps. At present, all Android 11 apps that request the “QUERY_ALL_PACKAGES” permission can see every app the user has installed. However, Google updated its developer terms and now treats this information as personal and sensitive, while also restricting its use.

Money gets hackers to help: how to set up a bug bounty program

www.tivi.fi/uutiset/tv/816b0d55-266f-4429-be14-095ced64e9d7 The popularity of bug bounty programs is rising. A successful program requires good groundwork. Hackers are increasingly being let in on purpose to dig through the systems of companies and organizations. In so-called bug bounty programs, hackers report the vulnerabilities they find in exchange for rewards.

How the Work-From-Home Shift Impacts SaaS Security

thehackernews.com/2021/04/how-work-from-home-shift-impacts-saas.html The data is in. According to IBM Security’s 2020 Cost of a Data Breach Report, there is a 50% increase in cloud usage for enterprises across all industries. The number of threats targeting cloud services, predominantly collaboration services like Office 365, has increased 630%. “New controls are needed to address these new realities”

15 Cybersecurity Pitfalls and Fixes for SMBs

threatpost.com/cybersecurity-pitfalls-fixes-smbs/165225/ Small- to medium-sized businesses (SMBs), those with 100 employees or less, are more vulnerable than ever to catastrophic cybersecurity breaches and attacks. Security experts focused on smaller businesses offer real-world advice for actionable ways to shore up defenses using fewer resources.
