Daily NCSC-FI news followup 2021-05-29

Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

us-cert.cisa.gov/ncas/alerts/aa21-148a The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are engaged in addressing a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs). CISA and FBI acknowledge open-source reporting attributing the activity discussed in the report to APT29 (also known as Nobelium, The Dukes, and Cozy Bear). However, CISA and FBI are investigating this activity and have not attributed it to any threat actor at this time.

New Epsilon Red ransomware hunts unpatched Microsoft Exchange servers

www.bleepingcomputer.com/news/security/new-epsilon-red-ransomware-hunts-unpatched-microsoft-exchange-servers/ A new ransomware threat calling itself Red Epsilon has been seen leveraging Microsoft Exchange server vulnerabilities to encrypt machines across the network. Epsilon Red ransomware attacks rely on more than a dozen scripts before reaching the encryption stage and also use a commercial remote desktop utility.

Hackers Exploit Post-COVID Return to Offices

threatpost.com/hackers-exploit-covid-office/166550/ The latest scam includes pelting recipients with emails purportedly from their CIOs welcoming employees back into offices. The spoofed CIO email prompts victims to link to a fake Microsoft SharePoint page with two company-branded documents, both outlining new business operations. If a victim decides to interact (click) on either document a login panel appears and prompts the recipient to provide login credentials to access the files.

Using Fake Reviews to Find Dangerous Extensions

krebsonsecurity.com/2021/05/using-fake-reviews-to-find-dangerous-extensions Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams.

Turvapuhelimissa häiriöitä Oulussa ja Jyväskylässä vaikutti pahimmillaan jopa tuhannen asiakkaan palveluun, Oulussa tilanne jo korjaantunut

yle.fi/uutiset/3-11954972 Turvapuhelimissa ilmenneet ongelmat ovat haitanneet Jyväskylän ja Oulun kaupungin turvapuhelinasiakkaita. Yhteensä häiriön piirissä on enimmillään ollut arviolta tuhatkunta asiakasta. Jyväskylän kaupungin tiedotteen mukaan operaattori Tele2:n maailmanlaajuinen ongelma ilmeni lauantaina klo 12.30. Häiriö hankaloittaa turvapuhelinasiakkaiden palvelua ja henkilöstön työtä.

You might be interested in …

Daily NCSC-FI news followup 2020-01-16

APT40 is run by the Hainan department of the Chinese Ministry of State Security intrusiontruth.wordpress.com/2020/01/16/apt40-is-run-by-the-hainan-department-of-the-chinese-ministry-of-state-security/ Either a Hainan intelligence officer has a side-hustle running a business empire of at least 13 fast-growing, high-tech information security companies, and that business empire has a side-hustle recruiting people with knowledge of the languages spoken in APT40 target countries […]

Read More

Daily NCSC-FI news followup 2021-05-05

Uudistettu strategia kirkastaa HVK:n toiminnan tavoitteita www.huoltovarmuuskeskus.fi/huoltovarmuusorganisaatio/huoltovarmuuskeskus/strategia-visio-ja-missio Yritysten kyberturvallisuuden edistäminen ja dynaamisen, ennakoivan tilannekuva- ja -analyysitoiminnon tärkeys korostuvat. Varkaiden kiero tekniikka yleistyy Android-puhelimissa kohteena verkkopankit ja kryptovaluutat www.is.fi/digitoday/tietoturva/art-2000007959216.html Hyökkäyksissä haittaohjelmat piirtävät puhelimen ruudulle aidon sovelluksen päälle erittäin uskottavia ja tarkkoja kirjautumisruutuja jallittaakseen uhrin syöttämään tunnuksensa rikollisille. 882 sovellusta joutui tällaisen hyökkäyksen kohteeksi vuonna 2019, mutta […]

Read More

Daily NCSC-FI news followup 2020-12-12

Adobe releases final Flash Player update, warns of 2021 kill switch www.bleepingcomputer.com/news/software/adobe-releases-final-flash-player-update-warns-of-2021-kill-switch/ After 24 years of fun games and abuse by threat actors, Adobe has released their final Flash Player update and thanked everyone for the fantastic content that they have released over the years. Starting in January 2021, all browser developers will remove Adobe […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.