Finns have lost 13.5 million to scammers: read the police's instructions
www.is.fi/digitoday/tietoturva/art-2000008078041.html Online scammers have taken 13.5 million euros from Finns this year, of which nearly 5 million through bank scams.
Huawei gets a cold shower in Sweden – Ericsson fears retaliation
www.tivi.fi/uutiset/tv/a3301f54-967e-482f-addf-6f3698eda710 The threat scenarios presented by the Swedish Security Service convinced the administrative court of the risk posed by Huawei.
MITRE releases D3FEND, defensive measures complimentary to its ATT&CK framework
therecord.media/mitre-releases-d3fend-defensive-measures-complimentary-to-its-attck-framework/ The basic idea behind D3FEND is that the framework will provide defensive techniques that system administrators can apply to counter the practices detailed in the ATT&CK matrix, a one-of-a-kind project that was set up in 2015 to catalog and index the most common offensive techniques used by threat actors in the real world.
French Spyware Executives Are Indicted for Aiding Torture
www.wired.com/story/french-spyware-executives-indicted-aiding-torture/ The managers are accused of selling tech to Libya and Egypt that was used to identify activists, read private messages, and kidnap, torture, or kill them.
This secretive firm has powerful new hacking tools
www.wired.co.uk/article/phone-hacking-mollitiam-industries A secretive cyberintelligence firm claims to have created powerful hacking tools that can remotely monitor and take control of Android, MacOS and Windows devices. Designed for those looking to “investigate targets in tactical operations,” Mollitiam Industries is promoting tools that are capable of the “anonymous interception, and the remote and invisible control of targets connected to the internet,” according to documents seen by WIRED.
Microsoft warns: Now attackers are using a call centre to trick you into downloading ransomware
www.zdnet.com/article/microsoft-warns-now-attackers-are-using-a-call-centre-to-trick-you-into-downloading-ransomware/ Beware of phishing emails claiming your free trial subscription is over and that urge you to call a number to cancel it before you get slugged with monthly fees.
Guide for enterprises on how to prevent and deal with ransomware attacks
blog.checkpoint.com/2021/06/23/global-surge-in-ransomware-attacks-to-pay-or-not-to-pay-is-not-the-only-question/ Every week, more than 1,200 organizations worldwide fall victim to a ransomware attack, and all enterprises without exceptions are at risk. The number of ransomware attacks is growing for a simple reason, hackers are getting paid. The increase in attacks is also related to the availability of threats. Many hacker groups offer ransomware as a service, so anyone can rent this type of threat, including infrastructure, negotiating with victims or extortion websites where stolen information can be posted.
Response When Minutes Matter: Falcon Complete Disrupts WIZARD SPIDER eCrime Operators
www.crowdstrike.com/blog/how-falcon-complete-disrupts-ecrime-operators-wizard-spider/ In this blog, we describe a string of recent incidents in which the CrowdStrike Falcon Complete team observed a financially motivated eCrime operator (likely WIZARD SPIDER) use compromised external remote services (Microsoft Remote Desktop Protocol, or RDP) along with Cobalt Strike in an unsuccessful attempt to deploy ransomware. This activity indicates a notable increase in the adversary’s tactics to include RDP brute forcing along with their more traditional modus operandi for initial access via phishing or leveraging their partner networks of access brokers.
Unpatched Flaw in Linux Pling Store Apps Could Lead to Supply-Chain Attacks
thehackernews.com/2021/06/unpatched-critical-flaw-affects-pling.html Cybersecurity researchers have disclosed a critical unpatched vulnerability affecting Pling-based free and open-source software (FOSS) marketplaces for Linux platform that could be potentially abused to stage supply-chain attacks and achieve remote code execution (RCE).
SonicWall bug affecting 800K firewalls was only partially fixed
www.bleepingcomputer.com/news/security/sonicwall-bug-affecting-800k-firewalls-was-only-partially-fixed/ Turns out, the vulnerability was not properly patched until now. As such a new vulnerability identifier, CVE-2021-20019 has been assigned to the flaw. SonicWall has now released advisories related to this vulnerability today, with further information on the fixed versions.
Strategies, tools, and frameworks for building an effective threat intelligence team
www.microsoft.com/security/blog/2021/06/22/strategies-tools-and-frameworks-for-building-an-effective-threat-intelligence-team/ In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Red Canary Director of Intelligence Katie Nickels, a certified instructor with the SANS Institute. In this blog, Katie shares strategies, tools, and frameworks for building an effective threat intelligence team.
USB-based malware is a growing concern for industrial firms, new Honeywell findings show
www.cyberscoop.com/usb-malware-honeywell-cyber-risk/ The number of cyber threats designed to use USB sticks and other external media devices as launching pads doubled in 2021, according to new research from Honeywell, the industrial automation giant.
How to confuse antimalware neural networks. Adversarial attacks and protection
securelist.com/how-to-confuse-antimalware-neural-networks-adversarial-attacks-and-protection/102949/ In this article we attempt to attack our product anti-malware neural network models and check existing defense methods.
Victims of the Vastaamo data breach have filed 25,000 criminal reports of extortion; police still hope for more and will begin hearings in the autumn
yle.fi/uutiset/3-11995066 Victims of the Vastaamo data breach have filed a record number of criminal reports with the police. According to the police's estimate, however, there are several thousand more victims. The police hope that criminal reports will still be filed before the autumn.
Tulsa warns of data breach after Conti ransomware leaks police citations
www.bleepingcomputer.com/news/security/tulsa-warns-of-data-breach-after-conti-ransomware-leaks-police-citations/ The City of Tulsa, Oklahoma, is warning residents that their personal data may have been exposed after a ransomware gang published police citations online.
Pakistan-linked hackers targeted Indian power company with ReverseRat
thehackernews.com/2021/06/pakistan-linked-hackers-targeted-indian.html A threat actor with suspected ties to Pakistan has been striking government and energy organizations in the South and Central Asia regions to deploy a remote access trojan on compromised Windows systems, according to new research.
Threat Update 43 Ransomware Early Warning: Brute Force
www.varonis.com/blog/threat-update-43-ransomware-early-warning-brute-force/ Join Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team as they talk about how monitoring for brute-force attempts helps organizations spot potential infiltration points or attempts to elevate rights. They will also review real-world examples of how to narrow down the source of the attempts to foil the attacker’s plans.