Daily NCSC-FI news followup 2021-04-12

Israel appears to confirm it carried out cyberattack on Iran nuclear facility

www.theguardian.com/world/2021/apr/11/israel-appears-confirm-cyberattack-iran-nuclear-facility Israel appeared to confirm claims that it was behind a cyber-attack on Irans main nuclear facility on Sunday, which Tehrans nuclear energy chief described as an act of terrorism that warranted a response against its perpetrators.

Sisä-Suomen poliisilaitoksella on tutkittavana useita WhatsApp-sovelluksen kaappauksia

poliisi.fi/-/sisa-suomen-poliisilaitoksella-on-tutkittavana-useita-whatsapp-sovelluksen-kaappauksia Useat henkilöt ovat ilmoittaneet poliisille tapauksista, joissa oma WhatsApp-tili on kaapattu.. Selvitysten perusteella WhatsApp-tili kaapataan siten, että tuttu yhteystieto pyytää asianomistajan toimittamaan kiireellisesti 6-numeroisen koodin, joka lähetetään asianomistajan puhelimeen.

Dutch supermarkets run out of cheese after ransomware attack

www.bleepingcomputer.com/news/security/dutch-supermarkets-run-out-of-cheese-after-ransomware-attack/ A ransomware attack against conditioned warehousing and transportation provider Bakker Logistiek has caused a cheese shortage in Dutch supermarkets.

Updates on Microsoft Exchange Server Vulnerabilities

us-cert.cisa.gov/ncas/current-activity/2021/04/12/updates-microsoft-exchange-server-vulnerabilities CISA has added two new Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities.

IcedID Circulates Via Web Forms, Google URLs

threatpost.com/icedid-web-forms-google-urls/165347/ Attackers are filling out and submitting web-based contact us forms, thus evading email spam filters.

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data

thehackernews.com/2021/04/indian-brokerage-firm-upstox-suffers.html Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web.

Pulse Secure VPN users can’t login due to expired certificate

www.bleepingcomputer.com/news/security/pulse-secure-vpn-users-cant-login-due-to-expired-certificate/ Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired.

How ransomware gangs are connected, sharing resources and tactics

blog.malwarebytes.com/ransomware/2021/04/how-ransomware-gangs-are-connected-and-sharing-resources-and-tactics/

You might be interested in …

Daily NCSC-FI news followup 2020-02-13

US says it can prove Huawei has backdoor access to mobile-phone networks arstechnica.com/tech-policy/2020/02/us-gave-allies-evidence-that-huawei-can-snoop-on-phone-networks-wsj-says/ “We have evidence that Huawei has the capability secretly to access sensitive and personal information in systems it maintains and sells around the world,” US National Security Adviser Robert O’Brien told the Journal.. The US kept the intelligence highly classified until late […]

Read More

Daily NCSC-FI news followup 2020-05-10

Microsoft adds protection against Reply-All email storms in Office 365 www.zdnet.com/article/microsoft-adds-protection-against-reply-all-email-storms-in-office-365/ Microsoft rolled out this week a new feature to Office 365 customers to help their IT staff detect and stop “Reply-All email storms.”. The term refers to situations when employees use the Reply-All option in mass-mailed emails, such as company-wide notifications. Sodinokibi ransomware can […]

Read More

Daily NCSC-FI news followup 2019-08-22

TechCrunch: T-Mobile hit by hours-long nationwide outage techcrunch.com/2019/08/21/t-mobile-outage/ Viranomaissivustot toimivat taas, iltapäivän palvelunestohyökkäys ohi “Palvelunestohyökkääjä löytänyt aivan uudenlaisen tavan päästä läpi” yle.fi/uutiset/3-10934147 Palvelunestohyökkäys kohdistui muun muassa poliisin ja hätäkeskuksen verkkopalveluihin. Fonectalla laaja tietovuoto: Tavallisella käyttäjä­tunnuksella on päässyt käsiksi ainakin 150 000 ihmisen arka­luontoisiin henkilö­tietoihin www.hs.fi/kotimaa/art-2000006212884.html Yrityksille ja järjestöille tarkoitetussa asiakasrekisteripalvelussa yksi tavallisen käyttäjätunnuksen omistaja on […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.