Daily NCSC-FI news followup 2021-06-04

Tekstiviestitse levitettävät Android-haittaohjelmat

www.kyberturvallisuuskeskus.fi/fi/tekstiviestitse-levitettavat-android-haittaohjelmat Pakettiteemaisia huijausviestejä lähettävä FluBot-kampanja on aktivoitunut Suomessa. Kyberturvallisuuskeskukselle tulleiden ilmoitusten perusteella suomen kielellä kirjoitettuja huijausviestejä lähetetään tällä hetkellä arviolta tuhansille suomalaisille. Lisäksi:

yle.fi/uutiset/3-11966491. Lisäksi:

www.is.fi/digitoday/tietoturva/art-2000008027889.html. Lisäksi:

www.epressi.com/tiedotteet/logistiikka-ja-liikenne/android-haittaohjelmat-leviavat-tekstiviestitse.html

Exclusive: U.S. to give ransomware hacks similar priority as terrorism

www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/ The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters. Lisäksi:

blog.malwarebytes.com/malwarebytes-news/2021/06/ransomware-to-be-investigated-like-terrorism/. Lisäksi:

www.tivi.fi/uutiset/tv/2d0b61b6-2465-4ed6-8bd4-f702eaf77f5d. Lisäksi:

arstechnica.com/gadgets/2021/06/justice-department-tells-prosecutors-to-closely-track-ransomware-cases/

Google PPC Ads Used to Deliver Infostealers

threatpost.com/google-ppc-ads-used-to-deliver-infostealers/166644/ Researchers have tracked down the origins of several increasingly prevalent info-stealers including Redline, Taurus, Tesla and Amadey that threat actors are delivering via pay-per-click (PPC) ads in Google’s search results.

Phishing uses Colonial Pipeline ransomware lures to infect victims

www.bleepingcomputer.com/news/security/phishing-uses-colonial-pipeline-ransomware-lures-to-infect-victims/ The recent ransomware attack on Colonial Pipeline inspired a threat actor to create a new phishing lure to trick victims into downloading malicious files. The emails are targeted and tailored as urgent notifications to download and install a system update that would defend against the latest ransomware strains. Lisäksi:

www.zdnet.com/article/hackers-use-colonial-pipeline-ransomware-news-for-phishing-attack

FreakOut malware worms its way into vulnerable VMware servers

www.bleepingcomputer.com/news/security/freakout-malware-worms-its-way-into-vulnerable-vmware-servers/ A multi-platform Python-based malware targeting Windows and Linux devices has now been upgraded to worm its way into Internet-exposed VMware vCenter servers unpatched against a remote code execution vulnerability. Lisäksi:

blog.talosintelligence.com/2021/06/necro-python-bot-adds-new-tricks.html

10 Critical Flaws Found in CODESYS Industrial Automation Software

thehackernews.com/2021/06/10-critical-flaws-found-in-codesys.html Cybersecurity researchers on Thursday disclosed as many as ten critical vulnerabilities impacting CODESYS automation software that could be exploited to remote code execution on programmable logic controllers (PLCs).

Supreme Court Limits Scope of Controversial Hacking Law

threatpost.com/court-limits-scope-hacking-law/166672/ Judges rule that Georgia police officer did not violate CFAA when he accessed law-enforcement data in exchange for bribe money, a ruling that takes heat off ethical hackers.

Chrome 91 will warn users when installing untrusted extensions

www.zdnet.com/article/chrome-91-will-warn-users-when-installing-untrusted-extensions/ Developers who are new to the Chrome Web Store can also expect to wait several months before being considered ‘trusted’ within the Chrome browser.

You might be interested in …

Daily NCSC-FI news followup 2020-09-26

ThunderX ransomware silenced with release of a free decryptor www.bleepingcomputer.com/news/security/thunderx-ransomware-silenced-with-release-of-a-free-decryptor/ A decryptor for the ThunderX ransomware has been released by cybersecurity firm Tesorion that lets victims recover their files for free. When coffee makers are demanding a ransom, you know IoT is screwed arstechnica.com/information-technology/2020/09/how-a-hacker-turned-a-250-coffee-maker-into-ransom-machine/ Watch along as hacked machine grinds, beeps, and spews water. Threat […]

Read More

Daily NCSC-FI news followup 2020-03-02

Active Scans for Apache Tomcat Ghostcat Vulnerability Detected, Patch Now www.bleepingcomputer.com/news/security/active-scans-for-apache-tomcat-ghostcat-vulnerability-detected-patch-now/ Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend.. As cyber threat intelligence firm Bad Packets said on Saturday, “mass scanning activity targeting this vulnerability has already begun. […]

Read More

Daily NCSC-FI news followup 2020-06-14

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/ For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.