Daily NCSC-FI news followup 2021-07-11

Chinas Great Firewall is blocking around 311k domains, 41k by accident

therecord.media/chinas-great-firewall-is-blocking-around-311k-domains-41k-by-accident/ In the largest study of its kind, a team of academics from four US and Canadian universities said they were able to determine the size of Chinas Great Firewall internet censorship capabilities. In a research project that lasted nine months, from April to December 2020, academics developed a system called GFWatch that accessed domains from inside and outside Chinas internet space and then measured how the Great Firewall (GFW) would tamper with the connection at the DNS level in order to prevent Chinese users from accessing a domain, or an external entity accessing Chinese internal sites.

Ukraine says Russian hackers hit its Navy website

www.reuters.com/world/europe/ukraine-says-russian-hackers-hit-its-navy-website-2021-07-09/ Ukraine’s defence ministry said that hackers linked to the Russian authorities on Friday attacked the website of the Ukrainian Naval Forces and published fake reports about the international Sea Breeze-2021 military drills. Kyiv started in late June the military exercises involving more than 30 countries in the Black Sea, despite Russian calls to cancel the drills.

Scanning for Microsoft Secure Socket Tunneling Protocol

isc.sans.edu/forums/diary/Scanning+for+Microsoft+Secure+Socket+Tunneling+Protocol/27622/ Over the past month I noticed a resurgence of probe by Digitalocean looking for the Microsoft (MS) Secure Socket Tunneling Protocol (SSTP). This MS proprietary VPN protocol is used to establish a secure connection via the Transport Layer Security (TLS) between a client and a VPN gateway.

Ransomware tracker: the latest figures

therecord.media/ransomware-tracker-the-latest-figures/ Colonial Pipeline, JBS Foods, Kaseya were only halfway through 2021, but it can already be dubbed the year of ransomware. The problem isnt impacting all organizations to the same degree, however. According to data collected by Recorded Future, attacks against the most vulnerable organizations schools, healthcare facilities, state and local governments have plateaued or even . Ransomware expert Allan Liska explains that threat actors are focusing their efforts on organizations that can stomach multimillion-dollar ransom demands.

You might be interested in …

Daily NCSC-FI news followup 2021-07-01

NSA, CISA, NCSC, FBI: Russian military cyber-unit Fancy Bear (APT28) behind large-scale brute-force attacks therecord.media/fbi-nsa-russian-military-cyber-unit-behind-large-scale-brute-force-attacks/ US and UK cybersecurity agencies said today that a Russian military cyber unit has been behind a series of brute-force attacks that have targeted the cloud IT resources of government and private sector companies across the world. Direct link to […]

Read More

Daily NCSC-FI news followup 2020-04-02

Hackers linked to Iran target WHO staff emails during coronavirus www.reuters.com/article/us-health-coronavirus-cyber-iran-exclusi/exclusive-hackers-linked-to-iran-target-who-staff-emails-during-coronavirus-sources-idUSKBN21K1RC Hackers working in the interests of the Iranian government have attempted to break into the personal email accounts of staff at the World Health Organization during the coronavirus outbreak, four people with knowledge of the matter told Reuters. CORONAVIRUS TROJAN OVERWRITING THE MBR securitynews.sonicwall.com/xmlpost/coronavirus-trojan-overwriting-the-mbr/ […]

Read More

Daily NCSC-FI news followup 2020-10-22

Psykoterapiakeskus Vastaamon kiristäjä julkaisi yöllä lisää erittäin arkaluontoisia potilaskertomuksia yle.fi/uutiset/3-11606925 Psykoterapiakeskus Vastaamoa kiristävä henkilö on julkaissut yöllä Tor-verkossa lisää varastamiaan potilastietoja. Potilastiedoista ilmenee Vastaamon asiakkaiden nimet, osoitteet, henkilötunnukset ja potilaskertomukset.. katso myös www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/poliisi_jatkaa_epaillyn_torkean_tietomurron_tutkintaa_uhreja_pyydetaan_tekemaan_rikosilmoitus_94140?language=fi Toimi näin, jos epäilet joutuneesi tietovuodon uhriksi yle.fi/uutiset/3-11608585 Kyberturvallisuuskeskus ja rikosuhripäivystys ovat koonneet toimintaohjeet tietovuodon uhriksi joutuneille.. katso myös www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/neuvoja-identiteettivarkauden-tai-tietovuodon-uhrille US govt: […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.