Daily NCSC-FI news followup 2021-05-24

Cyber Insurance Is Not a Substitute for Cybersecurity

www.crowdstrike.com/blog/why-cyber-insurance-is-not-a-substitute-for-cybersecurity/ Attacks are increasing in frequency, ransom demands are rising and the cyber insurance industry has reached a crossroad where cyber insurance cannot be used by victims of a ransomware attack as a substitute for inadequate cybersecurity solutions and practices

Subscription ransomware – Zeppelin ransomware comes back to life

www.bleepingcomputer.com/news/security/zeppelin-ransomware-comes-back-to-life-with-updated-versions/ The developers of Zeppelin ransomware have resumed their activity after a period of relative silence that started last Fall and started to advertise new versions of the malware. Earning model of the ransomware is a bit more interesting, in a way that it includes providing a cut to the developers and subscription model for regular customers.

Indonesian govt blocks access to RaidForums hacking forum after data leak

www.bleepingcomputer.com/news/security/indonesian-govt-blocks-access-to-raidforums-hacking-forum-after-data-leak/ The Indonesian government is blocking access to the RaidForums hacking forum after the alleged personal information of Indonesian citizens was posted online. On Friday, a newly registered forum member posted what they claim is a database containing 200 million records of personal information for Indonesian people.

VPN Android apps: What you should know

newsblur.com/site/6289490/malwarebytes-labs In just the past year, free VPN for Android apps have exposed the data of as many as 41 million users. Investigations into one of those free VPN Android apps also revealed that it may have been part of a larger web of Android VPNs all operating under the same company.

Romcon: How romance fraud targets older people and how to avoid it

www.welivesecurity.com/2021/05/24/rom-con-romance-fraud-older-people-avoid/ Online dating scams often follow the same script here’s what senior citizens should watch out for and how their younger relatives can help them avoid falling victim

How scammers have been targeting ArtStation freelancers

www.kaspersky.com/blog/artstation-job-scam/39999/ The pandemic has left tens of millions of people around the world effectively jobless, and scammers, never ones to miss an opening, have been targeting freelancers and job seekers more frequently. Today, we look at an unusually sophisticated scam aimed at artists and designers.

Key Takeaway from the Colonial Pipeline Attack

blogs.cisco.com/security/key-takeaway-from-the-colonial-pipeline-attack In the Cisco Blog Vikram Sharma describes the colonial pipeline attack and some measures that could have helped prevent the attack

What Every Incident Response Plan Needs

securityintelligence.com/articles/what-every-incident-response-plan-needs/ The enterprise can only do so much to prevent malicious actors from breaking into networks. They need be able to detect, respond to and shut down an attack chain that’s in progress. NIST along with others have already come up with guides containing incident response recommendations. You don’t need to follow every one of those guidelines. Instead, use those best practices as a starting place from which you can create a custom plan.

Bluetooth flaws allow attackers to impersonate legitimate devices

kb.cert.org/vuls/id/799380 Attackers could abuse vulnerabilities discovered in the Bluetooth Core and Mesh Profile specifications to impersonate legitimate devices during the pairing process and launch man-in-the-middle (MitM) attacks.

Apple fixes three zero-days, one abused by XCSSET macOS malware

www.bleepingcomputer.com/news/security/apple-fixes-three-zero-days-one-abused-by-xcsset-macos-malware/ Apple has released security updates to patch three macOS and tvOS zero-day vulnerabilities attackers exploited in the wild, with the former being abused by the XCSSET malware to bypass macOS privacy protections.

You might be interested in …

Daily NCSC-FI news followup 2020-02-22

Slickwraps Data Breach Exposes Financial and Customer Info www.bleepingcomputer.com/news/security/slickwraps-data-breach-exposes-financial-and-customer-info/ Slickwraps has suffered a data breach after a security researcher was able to access their systems and after receiving no response to emails, publicly disclosed how they gained access to the site and the data that was exposed.. Slickwraps is a mobile device case retailer who […]

Read More

Daily NCSC-FI news followup 2019-08-23

Fortinet SSL VPN vulnerability from May 2019 being exploited in wild opensecurity.global/forums/topic/181-fortinet-ssl-vpn-vulnerability-from-may-2019-being-exploited-in-wild/ CVE-2018-13379 is being exploited in the wild on Fortigate SSL VPN firewalls. These exist as a perimeter security control, so it’s a bad vulnerability.. Also: https://twitter.com/GossiTheDog/status/1164536461665996800. Original security advisory (2019-05-24) fortiguard.com/psirt/FG-IR-18-384 Cisco Warns of Public Exploit Code for Critical Switch Flaws www.bleepingcomputer.com/news/security/cisco-warns-of-public-exploit-code-for-critical-switch-flaws/ Cisco […]

Read More

Daily NCSC-FI news followup 2020-08-10

Onko Android-puhelimessasi haittaohjelma? Nämä oireet enteilevät pahaa www.is.fi/digitoday/tietoturva/art-2000006594928.html Haittaohjelmat uhkaavat Android-käyttäjiä jopa virallisessa Google Play -latauskaupassa. Niiden aiheuttamat vahingot voivat näkyä esimerkiksi puhelinlaskussa, mutta haittaohjelman voi usein tunnistaa jo ennen sitä tarkkailemalla puhelimen käytöstä. FBI says an Iranian hacking group is attacking F5 networking devices www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/ Sources: Attacks linked to a hacker group known as […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.