Daily NCSC-FI news followup 2021-04-17

Major BGP leak disrupts thousands of networks globally

www.bleepingcomputer.com/news/security/major-bgp-leak-disrupts-thousands-of-networks-globally/ A large BGP routing leak that occurred last night disrupted the connectivity for thousands of major networks and websites around the world. Although the BGP routing leak occurred in Vodafone’s autonomous network (AS55410) based in India, it has impacted U.S. companies, including Google, according to sources.

Combating Sleeper Threats With MTTD

securityintelligence.com/articles/sleeper-threats-mean-time-to-detect/ During the SolarWinds Orion supply chain compromise, threat actors lurked in the victim’s network for more than a year. Discovered by FireEye in December 2020, the earliest traces of a modified SolarWinds Orion go back as early as October 2019. Although these early versions did not contain the malicious backdoor (this was added in March 2020), it means attackers were able to remain hidden for a long time.

Biden Races to Shore Up Power Grid Against Hacks

threatpost.com/biden-power-grid-hacks/165428/ A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said. President Biden is putting the final details on a plan to encourage American electric utilities to strengthen their cybersecurity protections against hackers in the next 100 days, amid increasing cyberattacks.

Codecov discloses 2.5-month-long supply chain attack

therecord.media/codecov-discloses-2-5-month-long-supply-chain-attack/ Codecov, a software company that provides code testing and code statistics solutions, disclosed on Thursday a major security breach after a threat actor managed to breach its platform and add a credentials harvester to one of its tools. The impacted product is named Bash Uploader and allows Codecov customers to submit code coverage reports to the company’s platform for analysis. See also:

arstechnica.com/gadgets/2021/04/backdoored-developer-tool-that-stole-credentials-escaped-notice-for-3-months/. See also: about.codecov.io/security-update/

Google’s Project Zero updates vulnerability disclosure rules to add patch cushion

therecord.media/googles-project-zero-updates-vulnerability-disclosure-rules-to-add-patch-cushion/ The Google Project Zero security team has updated its vulnerability disclosure guidelines today to add a cushion of 30 days to some security bug disclosures, so end-users have enough time to patch software and prevent attackers from weaponizing bugs.

BazarLoader Malware Abuses Slack, BaseCamp Clouds

threatpost.com/bazarloader-malware-slack-basecamp/165455/ Two cyberattack campaigns are making the rounds using unique social-engineering techniques. The BazarLoader malware is leveraging worker trust in collaboration tools like Slack and BaseCamp, in email messages with links to malware payloads, researchers said.

Swinburne University confirms over 5,000 individuals affected in data breach

www.zdnet.com/article/swinburne-university-confirms-over-5000-individuals-affected-in-data-breach/ Swinburne University of Technology has confirmed personal information on staff, students, and external parties had inadvertently made its way into the wild. It said it was advised last month that information of around 5,200 Swinburne staff and 100 Swinburne students was available on the internet.

iOS Kids Game Morphs into Underground Crypto Casino

threatpost.com/ios-kids-game-crypto-casino/165450/ A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality. A kids’ game called “Jungle Run” that, until recently, was available in the Apple App Store, was secretly a cryptocurrency-funded casino set up to scam people out of money.
