Daily NCSC-FI news followup 2021-06-30

Public Windows PrintNightmare 0-day exploit allows domain takeover

www.bleepingcomputer.com/news/security/public-windows-printnightmare-0-day-exploit-allows-domain-takeover/ Another vulnerability, CVE-2021-1675, also in the Print Spooler, was fixed in the Microsoft June update. Researchers from the Chinese security company Sangfor decided to release their writeup and demo exploit, called PrintNightmare, in the belief that they were releasing information about the same issue. As it turns out, PrintNightmare is not the same as CVE-2021-1675. The PrintNightmare PoC was released on GitHub, and even though the original was removed, it had already been cloned and is still available. This vulnerability is critical and a workaround should be implemented immediately.

CISA releases new ransomware self-assessment security audit tool

www.bleepingcomputer.com/news/security/cisa-releases-new-ransomware-self-assessment-security-audit-tool/ The US Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET).

Ransomware attack closed the libraries of Hämeenlinna, Hattula and Janakkala; no signs of data leakage have been detected

www.hs.fi/kotimaa/art-2000008093204.html A ransomware attack has turned out to be the cause of the outage in Vanamo, the library system of the Hattula and Janakkala libraries. The target of the attack is the system supplier Axiell in Norway, whose customers include the libraries of Hämeenlinna, Hattula and Janakkala. Vanamo will most likely be restored for customer use on Thursday.

Police seize DoubleVPN data, servers, and domain

blog.malwarebytes.com/cybercrime/2021/06/police-seize-doublevpn-data-servers-and-domain/ A coordinated effort between global law enforcement agencies, led by the Dutch National Police, shut down a VPN service that was advertised on cybercrime forums. The VPN company promised users the ability to double- and triple-encrypt their web traffic to obscure their location and identity.
