Daily NCSC-FI news followup 2021-04-14

Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits

thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with patches for two newly discovered security vulnerabilities, for both of which it says exploits exist in the wild, allowing attackers to engage in active exploitation.


FBI blasts away web shells on US servers in wake of Exchange vulnerabilities

www.zdnet.com/article/fbi-blasts-away-web-shells-on-us-servers-in-wake-of-exchange-vulnerabilities/ Feds turn into cyberfirefighters and hose down the web shell bonfire raging on hundreds of unpatched Exchange servers.

CISA gives federal agencies until Friday to patch Exchange servers

www.bleepingcomputer.com/news/security/cisa-gives-federal-agencies-until-friday-to-patch-exchange-servers/ The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday.

Threat Actors Targeting Cybersecurity Researchers

us-cert.cisa.gov/ncas/current-activity/2021/04/14/threat-actors-targeting-cybersecurity-researchers Google and Microsoft recently published reports on advanced persistent threat (APT) actors targeting cybersecurity researchers. The APT actors are using fake social media profiles and legitimate-looking websites to lure security researchers into visiting malicious websites to steal information, including exploits and zero-day vulnerabilities.

100,000 Google Sites Used to Install SolarMarket RAT

threatpost.com/google-sites-solarmarket-rat/165396/ Search-engine optimization (SEO) tactics direct users searching for common business forms such as invoices, receipts or other templates to hacker-controlled Google-hosted domains.

An Update: The COVID-19 Vaccines Global Cold Chain Continues to Be a Target

securityintelligence.com/posts/covid-19-vaccine-global-cold-chain-security/ In December 2020, IBM Security X-Force released a research blog disclosing that the COVID-19 cold chain, an integral part of delivering and storing COVID-19 vaccines at safe temperatures, was targeted by cyber adversaries. After that first report, we recently discovered an additional 50 files tied to spear-phishing emails that targeted 44 companies in 14 countries in Europe, North America, South America, Africa and Asia.

Cyber criminals are installing cryptojacking malware on unpatched Microsoft Exchange servers

www.zdnet.com/article/free-money-cyber-criminals-are-installing-cryptojacking-malware-on-unpatched-microsoft-exchange-servers/ Cyber criminals are targeting vulnerable [published in March] Microsoft Exchange servers with cryptocurrency mining malware in a campaign designed to secretly use the processing power of compromised systems to make money.

Data breach targeting Turku's education online services was successfully stopped; passwords should be changed as a precaution

yle.fi/uutiset/3-11883275 The City of Turku has filed a police report over the data breach that took place over the weekend and on Monday.


Capcom: Ransomware gang used old VPN device to breach the network

www.bleepingcomputer.com/news/security/capcom-ransomware-gang-used-old-vpn-device-to-breach-the-network/ Capcom has released a final update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals.


www.vusec.net/projects/smash/ SMASH is a new JavaScript-based attack that gives the attacker an arbitrary read and write primitive in the browser. It does not rely on software vulnerabilities or bugs, but instead takes advantage of the much harder to mitigate Rowhammer bug in hardware to initiate the exploit chain.

The FBI wanted to unlock the San Bernardino shooter's iPhone. It turned to a little-known Australian firm.

www.washingtonpost.com/technology/2021/04/14/azimuth-san-bernardino-apple-iphone-fbi/ Azimuth unlocked the iPhone at the center of an epic legal battle between the FBI and Apple. Now, Apple is suing the company co-founded by one of the hackers behind the unlock.

Nokia displaces Huawei in Finnish operators' shared mobile network; operation of Suomen Yhteisverkko taken away from the controversial Chinese company

www.kauppalehti.fi/uutiset/nokia-syrjayttaa-huawein-suomalaisoperaattoreiden-yhteisessa-mobiiliverkossa-suomen-yhteisverkon-operointi-pois-kiistellylta-kiinalaisyritykselta/7fc42630-8d6e-4584-b67c-… Suomen Yhteisverkko Oy, jointly owned by Telia and DNA, has begun building a new 5G network for its expanding coverage area in Eastern and Northern Finland. At the same time, the ski resorts' networks get a power boost and the network gets a new operating host.
