Daily NCSC-FI news followup 2021-07-19

China: Declaration by the High Representative on behalf of the European Union urging Chinese authorities to take action against malicious cyber activities undertaken from its territory

www.consilium.europa.eu/fi/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-… The EU and its member states, together with their partners, today expose malicious cyber activities that have had a significant impact on the economy, security, democracy and society at large. The EU and its member states assess that these malicious cyber activities were undertaken from the territory of China. These activities can be linked to the hacker groups known as Advanced Persistent Threat 40 and Advanced Persistent Threat 31. The activities were conducted from the territory of China for the purpose of intellectual property theft and espionage. See also the corresponding statements by the UK, the USA and NATO:

UK: www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking

USA: www.whitehouse.gov/briefing-room/statements-releases/2021/07/19/the-united-states-joined-by-allies-and-partners-attributes-malicious-cyber-activity-and-irresponsible-state-behavior-to-the-peoples-r…

NATO: www.nato.int/cps/en/natohq/news_185863.htm

CISA/NSA/FBI TTPs: us-cert.cisa.gov/ncas/current-activity/2021/07/19/us-government-releases-indictment-and-several-advisories-detailing

Investigation: Hungary and nine other countries have spied on their citizens with an Israeli company's malware; as many as thousands of people on a “watch list”

yle.fi/uutiset/3-12025927 An investigation by an international group of journalists indicates that several states have used spyware intended for counter-terrorism to monitor their own citizens. Journalists and human rights activists, among others, are suspected to have been victims of the hacking. In total, the governments of ten countries can be suspected of spying on their citizens. These states are EU member Hungary, Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, India and the United Arab Emirates. According to the investigation, the Pegasus software has been delivered to Apple iPhone devices through a new vulnerability chain in iMessage messages. No further details on this are available yet.

HS: www.hs.fi/ulkomaat/art-2000008134250.html

Amnesty: www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/

The Guardian: www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus

Forbes: www.forbes.com/sites/thomasbrewster/2021/07/19/pegasus-spyware-does-apple-have-major-imessage-security-problems/

Meet WiFiDemon iOS WiFi RCE 0-Day Vulnerability, and a Zero-Click Vulnerability That Was Silently Patched

blog.zecops.com/research/meet-wifidemon-ios-wifi-rce-0-day-vulnerability-and-a-zero-click-vulnerability-that-was-silently-patched/ The post describes a 0-click WiFi proximity vulnerability affecting iOS 14 to iOS 14.4 that was recently patched silently, without any assigned CVE. It also finds that the publicly announced WiFi Denial of Service (DoS) bug, which is currently a 0-day, is more than just a DoS and is actually an RCE.

Saudi Aramco data breach sees 1 TB stolen data for sale

www.bleepingcomputer.com/news/security/saudi-aramco-data-breach-sees-1-tb-stolen-data-for-sale/ A threat actor group known as ZeroX is offering 1 TB of proprietary data belonging to Saudi Aramco for sale. Saudi Aramco told BleepingComputer that the data breach occurred at third-party contractors, rather than direct exploitation of Aramco’s systems

Four cryptographic vulnerabilities in Telegram

ethz.ch/en/news-and-events/eth-news/news/2021/07/four-cryptographic-vulnerabilities-in-telegram.html An international research team of cryptographers completed a detailed security analysis of the popular Telegram messaging platform identifying several weaknesses in its protocol. The team informed Telegram developers of their findings 90 days prior to making them public, offering the company ample time to address the issues identified. Telegram has reacted to the results and fixed the security issues found by the researchers with software updates.

Swedish man sentenced for gold-backed cryptocurrency scam

www.zdnet.com/article/swedish-man-sentenced-for-gold-backed-cryptocurrency-scam/ Prosecutors say that investors were defrauded out of over $16 million. A Swedish man has been sentenced to 15 years behind bars for operating a cryptocurrency scam that claimed to pay investors based on the price of gold reserves.

5G contract for Nokia: cooperation in Taiwan continues

www.tivi.fi/uutiset/tv/8e5d2890-d3ab-40eb-9a57-5dc6893813c7 Network equipment company Nokia says it has agreed with its long-time partner Taiwan Star Telecom to continue expanding Taiwan's 5G network.
