Daily NCSC-FI news followup 2021-06-04

Tekstiviestitse levitettävät Android-haittaohjelmat

www.kyberturvallisuuskeskus.fi/fi/tekstiviestitse-levitettavat-android-haittaohjelmat Pakettiteemaisia huijausviestejä lähettävä FluBot-kampanja on aktivoitunut Suomessa. Kyberturvallisuuskeskukselle tulleiden ilmoitusten perusteella suomen kielellä kirjoitettuja huijausviestejä lähetetään tällä hetkellä arviolta tuhansille suomalaisille. Lisäksi:

yle.fi/uutiset/3-11966491. Lisäksi:

www.is.fi/digitoday/tietoturva/art-2000008027889.html. Lisäksi:

www.epressi.com/tiedotteet/logistiikka-ja-liikenne/android-haittaohjelmat-leviavat-tekstiviestitse.html

Exclusive: U.S. to give ransomware hacks similar priority as terrorism

www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/ The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters. Lisäksi:

blog.malwarebytes.com/malwarebytes-news/2021/06/ransomware-to-be-investigated-like-terrorism/. Lisäksi:

www.tivi.fi/uutiset/tv/2d0b61b6-2465-4ed6-8bd4-f702eaf77f5d. Lisäksi:

arstechnica.com/gadgets/2021/06/justice-department-tells-prosecutors-to-closely-track-ransomware-cases/

Google PPC Ads Used to Deliver Infostealers

threatpost.com/google-ppc-ads-used-to-deliver-infostealers/166644/ Researchers have tracked down the origins of several increasingly prevalent info-stealers including Redline, Taurus, Tesla and Amadey that threat actors are delivering via pay-per-click (PPC) ads in Google’s search results.

Phishing uses Colonial Pipeline ransomware lures to infect victims

www.bleepingcomputer.com/news/security/phishing-uses-colonial-pipeline-ransomware-lures-to-infect-victims/ The recent ransomware attack on Colonial Pipeline inspired a threat actor to create a new phishing lure to trick victims into downloading malicious files. The emails are targeted and tailored as urgent notifications to download and install a system update that would defend against the latest ransomware strains. Lisäksi:

www.zdnet.com/article/hackers-use-colonial-pipeline-ransomware-news-for-phishing-attack

FreakOut malware worms its way into vulnerable VMware servers

www.bleepingcomputer.com/news/security/freakout-malware-worms-its-way-into-vulnerable-vmware-servers/ A multi-platform Python-based malware targeting Windows and Linux devices has now been upgraded to worm its way into Internet-exposed VMware vCenter servers unpatched against a remote code execution vulnerability. Lisäksi:

blog.talosintelligence.com/2021/06/necro-python-bot-adds-new-tricks.html

10 Critical Flaws Found in CODESYS Industrial Automation Software

thehackernews.com/2021/06/10-critical-flaws-found-in-codesys.html Cybersecurity researchers on Thursday disclosed as many as ten critical vulnerabilities impacting CODESYS automation software that could be exploited to remote code execution on programmable logic controllers (PLCs).

Supreme Court Limits Scope of Controversial Hacking Law

threatpost.com/court-limits-scope-hacking-law/166672/ Judges rule that Georgia police officer did not violate CFAA when he accessed law-enforcement data in exchange for bribe money, a ruling that takes heat off ethical hackers.

Chrome 91 will warn users when installing untrusted extensions

www.zdnet.com/article/chrome-91-will-warn-users-when-installing-untrusted-extensions/ Developers who are new to the Chrome Web Store can also expect to wait several months before being considered ‘trusted’ within the Chrome browser.

You might be interested in …

Daily NCSC-FI news followup 2020-08-22

Grandoreiro banking trojan impersonates Spains tax agency www.welivesecurity.com/2020/08/21/grandoreiro-banking-trojan-impersonates-spain-tax-agency/ Although its been some weeks since the height of the income tax season in many countries around the globe, the year 2020 has been looking less than normal even for cybercriminal activity. For several months, various threat actors have been attempting to impersonate governmental organizations, such as […]

Read More

Daily NCSC-FI news followup 2021-03-23

Alert: Further targeted ransomware attacks on the UK education sector by cyber criminals www.ncsc.gov.uk/news/alert-targeted-ransomware-attacks-on-uk-education-sector The NCSC is responding to further targeted ransomware attacks on the education sector by cyber criminals. When & How to Report Security Incidents www.enisa.europa.eu/news/enisa-news/when-how-to-report-security-incidents The European Union Agency for Cybersecurity (ENISA) releases new guidelines to facilitate the reporting of security incidents […]

Read More

Daily NCSC-FI news followup 2020-01-20

Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0 www.bleepingcomputer.com/news/security/citrix-patches-cve-2019-19781-flaw-in-citrix-adc-111-and-120/ Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution.. Besides releasing these permanent fixes for the CVE-2019-19781 flaw, Citrix also says […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.