Daily NCSC-FI news followup 2021-05-05

Uudistettu strategia kirkastaa HVK:n toiminnan tavoitteita

www.huoltovarmuuskeskus.fi/huoltovarmuusorganisaatio/huoltovarmuuskeskus/strategia-visio-ja-missio Yritysten kyberturvallisuuden edistäminen ja dynaamisen, ennakoivan tilannekuva- ja -analyysitoiminnon tärkeys korostuvat.

Varkaiden kiero tekniikka yleistyy Android-puhelimissa kohteena verkkopankit ja kryptovaluutat

www.is.fi/digitoday/tietoturva/art-2000007959216.html Hyökkäyksissä haittaohjelmat piirtävät puhelimen ruudulle aidon sovelluksen päälle erittäin uskottavia ja tarkkoja kirjautumisruutuja jallittaakseen uhrin syöttämään tunnuksensa rikollisille. 882 sovellusta joutui tällaisen hyökkäyksen kohteeksi vuonna 2019, mutta nyt lukema on kasvanut yhtiön arvion mukaan 2020 sovellukseen.

Malicious Office 365 Apps Are the Ultimate Insiders

krebsonsecurity.com/2021/05/malicious-office-365-apps-are-the-ultimate-insiders/ Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

U.S. Agency for Global Media (USAGM) has disclosed a data breach that exposed the personal information of current and former employees and their beneficiaries.


Peloton’s leaky API let anyone grab riders’ private account data

techcrunch.com/2021/05/05/peloton-bug-account-data-leak/ A bug allowed anyone to pull users’ private account data directly from Peloton’s servers, even with their profile set to private. Pen Test Partners report:

www.pentestpartners.com/security-blog/tour-de-peloton-exposed-user-data/. Also: grahamcluley.com/peloton-exercise-bikes-data/

FBI is probably patching your system for you without your consent

www.pandasecurity.com/en/mediacenter/mobile-news/fbi-patching-your-system/ FBI has been actively patching vulnerable computer systems of businesses located in the USA. The fixed systems belong to organizations from both the private and government sectors. the acting US Attorney for the Southern District of Texas has authorized an operation allowing the FBI to access hundreds of vulnerable computers. The court-authorized activity executed by qualified FBI agents aimed to copy and remove malicious web shells from vulnerable or infected computers running on-premises versions of Microsoft Exchange.

N3TW0RM ransomware emerges in wave of cyberattacks in Israel

www.bleepingcomputer.com/news/security/n3tw0rm-ransomware-emerges-in-wave-of-cyberattacks-in-israel/ Like other ransomware gangs, N3TW0RM has created a data leak site where they threaten to leak stolen files as a way to scare their victims into paying a ransom.

San Diego-based Hospital Network Scripps Health Suffers Cyber Attack

threatpost.com/scripps-health-cyberattack-hospital-outages/165817/ Scripps Health, a hospital network based in San Diego, was hit by a cyberattack over the weekend, forcing some critical-care patients to be diverted, according to the San Diego Union-Tribune.

Enisa: How to Secure the Connected & Automated Mobility (CAM) Ecosystem

www.enisa.europa.eu/news/enisa-news/how-to-secure-the-connected-automated-mobility-cam-ecosystem The recommendations issued contribute to the improvement and harmonisation of cybersecurity in the CAM ecosystem in the European Union.

You might be interested in …

Daily NCSC-FI news followup 2019-10-27

TrialWorks Ransomware Attack Disrupts Court Cases and Deadlines www.bleepingcomputer.com/news/security/trialworks-ransomware-attack-disrupts-court-cases-and-deadlines/ TrialWorks, one of the top-rated providers of legal case management software for law firms and attorneys, became the victim of a ransomware attack earlier this month. The ripples of disruption from this incident made it impossible for lawyers to access the legal documents hosted on TrialWorks […]

Read More

Daily NCSC-FI news followup 2019-10-07

Mikko Hyppönen: Unohda nämä kaksi turvasääntöä www.is.fi/digitoday/tietoturva/art-2000006262088.html F-Securen tietoturvajohtaja Mikko Hyppönen haluaa kumota yleisen uskomuksen siitä, että kalastelun tai nettihuijauksen uhriksi joutuneet ihmiset olisivat tyhmiä tai tapahtunut olisi heidän omaa vikaansa.. Hyppösen mukaan verkkokonnien keksimät uudet keinot ovat tehneet kahdesta klassisesta turvallisen verkkosivuston tunnusmerkistä vanhentuneita. Nämä ovat osoiterivillä oleva lukon kuva sekä osoiterivillä näkyvä turvallisena […]

Read More

Daily NCSC-FI news followup 2020-11-24

TA416 Goes to Ground and Returns with a Golang PlugX Malware Loader www.proofpoint.com/us/blog/threat-insight/ta416-goes-ground-and-returns-golang-plugx-malware-loader Following the Chinese National Day holiday in September, Proofpoint researchers observed a resumption of activity by the APT actor TA416. Historic campaigns by this actor have also been publicly attributed to Mustang Panda and RedDelta. This new activity appears to be a […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.