Daily NCSC-FI news followup 2021-05-08

Largest U.S. pipeline shuts down operations after ransomware attack

www.bleepingcomputer.com/news/security/largest-us-pipeline-shuts-down-operations-after-ransomware-attack/ Colonial Pipeline, the largest fuel pipeline in the United States, has shut down operations after suffering what is reported to be a ransomware attack. Colonial Pipeline transports refined petroleum products between refineries located in the Gulf Coast and markets throughout the southern and eastern United States. The company transports 2.5 million barrels per day through its 5,500 mile pipeline and provides 45% of all fuel consumed on the East Coast.. Also:

threatpost.com/pipeline-crippled-ransomware/165963/.

www.zdnet.com/article/colonial-pipeline-cyberattack-shuts-down-pipeline-that-supplies-45-of-east-coasts-fuel/

How China turned a prize-winning iPhone hack against the Uyghurs

www.technologyreview.com/2021/05/06/1024621/china-apple-spy-uyghur-hacker-tianfu/ An attack that targeted Apple devices was used to spy on Chinas Muslim minorityand US officials claim it was developed at the countrys top hacking competition.. In March 2017, a group of hackers from China arrived in Vancouver with one goal: Find hidden weak spots inside the worlds most popular technologies. Googles Chrome browser, Microsofts Windows operating system, and Apples iPhones were all in the crosshairs. But no one was breaking the law. These were just some of the people taking part in Pwn2Own, one of the worlds most prestigious hacking competitions.

Instagramista löytyi useita vaarallisia tilejä varo näiltä tulevia yhteydenottoja

www.iltalehti.fi/tietoturva/a/e62af4f1-b397-4ba6-8e89-b284e6dfb44f Instagramissa erottuu uusi huijaustrendi, jossa rikolliset perustavat valetilejä oikeiden tilien seuraajien huijaamiseksi arvontojen avulla. Liikkeellä on useita valetilejä, jotka on luotu imitoimaan aitoja, suosittuja tilejä. Valetilit on tavallisesti luotu niin, että niissä on käytetty aitojen tilien kuvia sekä kuvausta, jolloin ne ovat suoria kopioita. Toisissa tapauksissa tili saattaa olla tehty niin, että se näyttää oikean tilin rinnakkaistililtä, jonka kautta väitetään arvontojen palkintojenjaon tapahtuvan. Valetilit ilmestyvät usein nopeasti sen jälkeen, kun aito tili on laittanut pystyyn arvonnan.

Business email compromise campaign targets wide range of orgs with gift card scam

www.microsoft.com/security/blog/2021/05/06/business-email-compromise-campaign-targets-wide-range-of-orgs-with-gift-card-scam/ Cybercriminals continue to target businesses to trick recipients into approving payments, transferring funds, or, in this case, purchasing gift cards. This kind of email attack is called business email compromise (BEC)a damaging form of phishing designed to gain access to critical business information or extract money through email-based fraud. In this blog, we want to share our investigation of a BEC campaign that used attacker-created email infrastructure to facilitate gift card theft.

Ransomware gangs have leaked the stolen data of 2,100 companies so far

www.bleepingcomputer.com/news/security/ransomware-gangs-have-leaked-the-stolen-data-of-2-100-companies-so-far/ Since 2019, ransomware gangs have leaked the stolen data for 2,103 companies on dark web data leaks sites. When modern ransomware operations began in 2013, the attacker’s goal was to encrypt as many companies as possible and then demand a ransom payment for a decryptor. Since the beginning of 2020, ransomware operations began conducting a new tactic called double-extortion.

ISPs Funded 8.5 Million Fake Comments Opposing Net Neutrality

www.wired.com/story/isps-funded-85-million-fake-comments-opposing-net-neutrality/ The secret campaign, backed by major broadband companies, used real peoples names without their consent. THE LARGEST INTERNET providers in the US funded a campaign that generated “8.5 million fake comments” to the Federal Communications Commission as part of the ISPs’ fight against net neutrality rules during the Trump administration, according to a report issued Thursday by New York state attorney general Letitia James.

Are The Notorious Cyber Criminals Evil Corp actually Russian Spies?

blog.truesec.com/2021/05/05/are-the-notorious-cyber-criminals-evil-corp-actually-russian-spies/ Truesec has documented how Russian ransomware gangs profit from being left alone by Russian law enforcement, but connections seem to go even deeper. In October 2020, the Russian-based threat actor known as Evil Corp conducted a ransomware attack against a major corporation. The attack vector to gain initial access was a drive-by compromise: a legitimate website was compromised and visitors to the website were prompted to download a fake Chrome update; a ZIP file, containing a JavaScript file.

You might be interested in …

Daily NCSC-FI news followup 2021-06-01

Ruotsi ja Norja vaativat Tanskalta selvitystä vakoiluväitteistä yle.fi/uutiset/3-11955732 Mediatietojen mukaan Tanskan puolustusministeri olisi tiennyt jo viime elokuussa, että Yhdysvaltain Kansallisen turvallisuuden virasto NSA on vakoillut Tanskan kautta useiden liittolaismaiden poliitikkoja ja virkamiehiä. Ruotsin ja Norjan puolustusministerit vaativat Tanskalta selvitystä mediatiedoista, joiden mukaan Yhdysvallat olisi vakoillut Tanskan kautta niiden poliitikkoja ja virkamiehiä, kertoo muun muassa Tanskan […]

Read More

Daily NCSC-FI news followup 2020-11-19

Tahmaako netti? Liisa-myrskyn aiheuttamia tuhoja korjaillaan www.tivi.fi/uutiset/tv/e78e181b-62f7-45cb-ac38-e30eee4f8017 Liisa-myrskyn aiheuttamat sähkökatkokset aiheuttavat parhaillaan häiriöitä matkapuhelinverkossa. Accused Ringleader of FIN7 Hacking Group Pleads Guilty www.bankinfosecurity.com/accused-ringleader-fin7-hacking-group-pleads-guilty-a-15397 Andrii Kolpakov, who is a Ukrainian national, pleaded guilty to charges of conspiracy to commit wire fraud and conspiracy to commit computer hacking. He faces up to a 25-year federal prison term […]

Read More

Daily NCSC-FI news followup 2021-01-20

Tietoturva ei ole luksustuote www.tivi.fi/uutiset/tv/465d7ff0-5446-4ca6-ac28-6d1850a26112 “Rahalla ei voi ostaa yrityksen sisäistä viestintää ja uskallusta myöntää virheet. Mikään määrä tietoturvatyökaluja ei pelasta, jos yrityksessä henkilöstö pelkää oman työnsä puolesta tai heitä ei oteta tosissaan virheen sattuessa kohdalle.”. “Lopulta monimutkaisiin ongelmiin ratkaisut voivat löytyä läheltä, omista työntekijöistä ja yrityksen omasta kulttuurista. Tietoturva on holistista ja sen pitäisi […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.