Daily NCSC-FI news followup 2021-06-07

Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments

unit42.paloaltonetworks.com/siloscape/ In March 2021, I uncovered the first known malware targeting Windows containers, a development that is not surprising given the massive surge in cloud adoption over the past few years. I named the malware Siloscape (sounds like silo escape) because its primary goal is to escape the container, and in Windows this is implemented mainly by a server silo. Also:

therecord.media/first-malware-discovered-targeting-windows-server-containers/. Also:

threatpost.com/windows-containers-malware-targets-kubernetes/166692/. Also:

thehackernews.com/2021/06/researchers-discover-first-known.html

Amazon Sidewalk: Cutting Through the Hype

isc.sans.edu/diary/rss/27502 Later this week (tomorrow?), Amazon will enable its new Sidewalk feature. The feature has already gotten a lot of bad press. Much of this comes from the fact that existing devices are automatically used as Sidewalk Gateways and users will have to opt-out. New devices may require a specific opt-in during setup.

The Autorité de la concurrence hands out a €220 million fine to Google for favouring its own services in the online advertising sector

www.autoritedelaconcurrence.fr/en/article/autorite-de-la-concurrence-hands-out-eu220-millions-fine-google-favouring-its-own-services Following referrals from News Corp Inc., Le Figaro group and the Rossel La Voix group, the Autorité de la concurrence issues today a decision sanctioning Google, up to 220 million euros, for having abused its dominant position in the advertising server market for website and mobile applications publishers. Also:

www.bleepingcomputer.com/news/google/google-fined-220-million-for-abusing-dominant-role-in-online-ads/

Calling on you, 5G Experts! Join us on 5G Cybersecurity Certification

www.enisa.europa.eu/news/enisa-news/calling-on-you-5g-experts-join-us-on-5g-cybersecurity-certification The European Union Agency for Cybersecurity received earlier this year the request from the European Commission to prepare a new candidate certification scheme on 5G. The call launched today is intended to set up an ad hoc working group on 5G cybersecurity certification meant to support the Agency for the purpose of preparing the new EU 5G certification scheme.

Hacking space: How to pwn a satellite. Hacking an orbiting satellite is not light years away: here’s how things can go wrong in outer space

www.welivesecurity.com/2021/06/07/hacking-space-how-pwn-satellite/ Getting root on something floating above our planet (or any other for that matter) would seem like a new form of hacking Holy Grail. Don’t worry though, someone’s already working on it, believe it or not. Because when you break something in space, bad things happen. Just ask any space movie fan.

Hackers Breached Colonial Pipeline Using Compromised Password

www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack. Also:

thehackernews.com/2021/06/hackers-breached-colonial-pipeline.html.

The cost of ransomware attacks worldwide will go beyond $265 billion in the next decade

www.zdnet.com/article/the-cost-of-ransomware-around-the-globe-to-go-beyond-265-billion-in-the-next-decade/ The cost of ransomware incidents worldwide is expected to spiral out of control, exceeding $265 billion by 2031.

Australians spent AU$26.5m in cryptocurrency to pay scammers in 2020

www.zdnet.com/article/australians-spent-au26-5m-in-cryptocurrency-to-pay-scammers-in-2020 Australians in 2020 reported losses to scams totalled AU$851 million, with AU$128 million lost to business email compromise (BEC), AU$8.4 million classed as remote access scams, and AU$3.1 million a result of identity theft. Also:

www.accc.gov.au/system/files/Targeting%20scams%20-%20report%20of%20the%20ACCC%20on%20scams%20activity%202020.pdf

New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions

www.bleepingcomputer.com/news/security/new-evil-corp-ransomware-mimics-payloadbin-gang-to-evade-us-sanctions/ The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department’s Office of Foreign Assets Control (OFAC).

New publication from Save the Children Finland: Ordinary everyday pictures taken of children are being sexualised online

www.epressi.com/tiedotteet/sosiaaliset-kysymykset/pelastakaa-lasten-tuore-julkaisu-lapsista-otettuja-tavallisia-arkipaivaisia-kuvia-seksualisoidaan-netissa.html The publication “Everyday pictures of children in a sexualising context” (“Arkipäiväiset kuvat lapsista seksualisoivassa kontekstissa”), produced by Save the Children Finland, highlights the worrying phenomenon of ordinary, everyday pictures taken of children ending up in sexualising contexts online. Also:

www.is.fi/digitoday/art-2000008033291.html

A new way to detect ‘deepfake’ picture editing

www.lightbluetouchpaper.org/2021/06/07/a-new-way-to-detect-deepfake-picture-editing/ Common graphics software now offers powerful tools for inpainting using machine-learning models to reconstruct missing pieces of an image. They are widely used for picture editing and retouching, but like many sophisticated tools they can also be abused. They can remove someone from a picture of a crime scene, or remove a watermark from a stock photo. Could we make such abuses more difficult?
