We removed the alert concerning Android malware
www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/poistimme-android-haittaohjelmia-koskevan-varoituksen We have removed the alert concerning Android malware that was issued on 4 June. The malware distribution campaign, which was extremely active in early June, has now calmed down, and the number of reports of text messages spreading the malware has dropped significantly.
City of Liege, Belgium hit by ransomware
therecord.media/city-of-liege-belgium-hit-by-ransomware/ Liege, the third biggest city in Belgium, has suffered today a ransomware attack that has disrupted the municipality’s IT network and online services. While officials only described the incident as a “computer attack,” two Belgian radio and TV stations reported that the attack was the work of the Ryuk ransomware gang.
Smart thermostats cranked up remotely by Texas energy firms, as consumers swelter in heat wave
www.bitdefender.com/box/blog/iot-news/smart-thermostats-cranked-remotely-texas-energy-firms-consumers-swelter-heat-wave/ Some sweltering residents of Texas are reporting that they are unable to lower the temperature on their Wi-Fi enabled “smart” thermostats after it was mysteriously raised, and they are struggling to understand why. The reason, it transpires, is not that malicious hackers have broken into the IoT devices to cause mayhem but is instead all part of an energy conservation campaign promoted by Texas’s power grid operator struggling to stay online in the Lone Star State.
Ransomware Gang Cl0p Announces New Victim After Police Bust
www.vice.com/en/article/88n5j3/ransomware-gang-cl0p-announces-new-victim-after-police-bust The hacking group has resurfaced online on its official dark web site, suggesting the arrests may not have hit it too hard.
North Korean hackers breach South Korean submarine builder (again)
therecord.media/north-korean-hackers-breach-south-korean-submarine-builder-again/ North Korean hackers are believed to have breached South Korea’s top submarine builder for the second time in the past decade, South Korean news outlet JoongAng reported on Sunday.
Hackers are trying to attack big companies. Small suppliers are the weakest link
www.zdnet.com/article/hackers-are-trying-to-attack-big-companies-small-suppliers-are-the-weakest-link/ Defence companies are a prime target for cyber attackers, and the sometimes-poor security of SMBs in the supply chain could be giving them an easy way in, warn researchers.
Attackers in Executive Clothing – BEC continues to separate orgs from their money
blog.talosintelligence.com/2021/06/business-email-compromise.html Business Email Compromise starts as a lot of cybercrime does, with an email. These emails can vary widely in content or in design, but they are almost always spoofed to look like they are coming from someone important. The other common thing is they will almost always ask for some type of assistance. The type of request varies widely, as we’ll demonstrate throughout this blog, but the resulting ask is always financial in nature and will require the recipient to purchase something or wire funds somewhere. So let’s walk through some examples of what we’ve seen over the past year.
How Cyber Safe is Your Drinking Water Supply?
krebsonsecurity.com/2021/06/how-cyber-safe-is-your-drinking-water-supply/ Amid multiple recent reports of hackers breaking into and tampering with drinking water treatment systems comes a new industry survey with some sobering findings: A majority of the 52,000 separate drinking water systems in the United States still haven’t inventoried some or any of their information technology systems, a basic first step in protecting networks from cyberattacks.
DirtyMoe malware has infected more than 100,000 Windows systems
therecord.media/dirtymoe-malware-has-infected-more-than-100000-windows-systems/ A Windows malware botnet believed to be operated out of China has exploded this year, growing from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021, cyber-security firm Avast reported last week.
Wormable DarkRadiation Ransomware Targets Linux and Docker Instances
thehackernews.com/2021/06/wormable-darkradiation-ransomware.html Cybersecurity researchers have disclosed a new ransomware strain called “DarkRadiation” that’s implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications. also:
www.secureworks.com/research/lv-ransomware CTU analysis revealed that the LV ransomware is not a distinct ransomware family; it is repurposed REvil ransomware. By modifying the binary of a prolific ransomware family, the GOLD NORTHFIELD threat actors significantly expedited their maturity within the ransomware ecosystem.
Zephyr OS Bluetooth vulnerabilities left smart devices open to attack
www.theregister.com/2021/06/22/zephyr_os_bluetooth_vulnerabilities/ Vulnerabilities in the Zephyr real-time operating system’s Bluetooth stack have been identified, leaving a wide variety of Internet of Things devices open to attack unless upgraded to a patched version of the OS.
Bugs in NVIDIA’s Jetson Chipset Opens Door to DoS Attacks, Data Theft
threatpost.com/nvidia-jetson-chipset-dos-data-theft/167093/ Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms.
Lexmark Printers Open to Arbitrary Code-Execution Zero-Day
threatpost.com/lexmark-printers-code-execution-zero-day/167111/ Successful execution requires an intruder to have access to the underlying host system, Barratt said via email on Tuesday, so it’s “more of an attack vector for potential lateral movement and privilege escalation.” He noted that the bug could be used potentially by a malicious insider looking to circumvent permissions on a corporate computer, for example.
Email Bug Allows Message Snooping, Credential Theft
threatpost.com/email-bug-message-snooping-credential-theft/167125/ A year-old proof-of-concept attack that allows an attacker to bypass TLS email protections to snoop on messages has been patched.
APNIC left a dump from its Whois SQL database in a public Google Cloud bucket
www.theregister.com/2021/06/22/apnic_whois_data_exposed/ The Asia Pacific Network Information Centre (APNIC), the internet registry for the region, has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, facing the public internet for three months.
Google has problems: severe disruptions on Android phones
www.is.fi/digitoday/art-2000008074775.html The fault is in the phones’ Google app. The problem can be worked around through the phone’s settings.
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
www.darkreading.com/edge/theedge/7-powerful-cybersecurity-skills-the-energy-sector-needs-most/b/d-id/1341349 Those looking to join the fight might want to polish up or acquire some (or all) of these hottest skills on the market.
Sonatype Catches New PyPI Cryptomining Malware
blog.sonatype.com/sonatype-catches-new-pypi-cryptomining-malware-via-automated-detection Sonatype has identified malicious typosquatting packages infiltrating the PyPI repository that secretly pull in cryptominers on the affected machines.
Machine Learning and Cybersecurity – Hype and Reality
cset.georgetown.edu/publication/machine-learning-and-cybersecurity/ Cybersecurity operators have increasingly relied on machine learning to address a rising number of threats. But will machine learning give them a decisive advantage or just help them keep pace with attackers? This report explores the history of machine learning in cybersecurity and the potential it has for transforming cyber defense in the near future.