Daily NCSC-FI news followup 2021-07-21

Virtuaalivaluuttoihin liittyviä rahanpesuilmoituksia alkuvuonna yli 3, 4 miljoonaa kappaletta, kertoo KRP

www.is.fi/digitoday/tietoturva/art-2000008140592.html Selvittelykeskus kirjasi kesäkuun loppuun mennessä rahanpesurekisteriin ennätykselliset yli 3466000 epäilyttävää liiketoimea tai epäiltyä terrorismin rahoittamista koskevaa ilmoitusta. Näistä noin 26600 tuli muilta kuin virtuaalivaluuttapalveluihin liittyviltä tahoilta.

Suomi ja Singapore 6g-yhteistyöhön “Voimme saavuttaa molemminpuolista etua”

www.tivi.fi/uutiset/tv/45e16ffc-1ba1-411e-87be-edbcd797803f Oulun yliopiston koordinoima 6g-teknologian tutkimus- ja kehitysohjelma 6g Flagship ja Singapore ovat sopineet tekevänsä yhteistyötä 6g:n kehityksessä. Kumppanuus julkaistiin tiistaina 13. heinäkuuta Asia Tech x Singapore -teknologiatapahtumassa Singaporessa.

ANSSI (CERT-FR) releases indicators of compromise related to recent APT31 activity


Malware Targeting Pulse Secure Devices

us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following 13 malware analysis reports (MARs) for threat actor techniques, tactics, and procedures (TTPs) and indicators of compromise (IOCs)

NPM package steals Chrome passwords on Windows via recovery tool

www.bleepingcomputer.com/news/security/npm-package-steals-chrome-passwords-on-windows-via-recovery-tool/ The packages are: nodejs_net_server (over 1, 300 total downloads) and temptesttempfile (over 800).

Google Chrome now comes with up to 50x faster phishing detection

www.bleepingcomputer.com/news/security/google-chrome-now-comes-with-up-to-50x-faster-phishing-detection/ “On average, users will get their phishing classification results after 100 milliseconds, instead of 1.8 seconds. [..] This speed improvement makes a real difference in security – especially when it comes to stopping you from entering your password in a malicious site!”. Blog:


Top prevalent malware (Formbook) with a thousand campaigns migrates to macOS (as XLoader)


MosaicLoader: password-stealing Windows malware is distributed via ads in search results

www.zdnet.com/article/this-password-stealing-windows-malware-is-distributed-via-ads-in-search-results/ MosaicLoader is delivered to victims via advertising. Links to the malware appear at the top of search results when people search for cracked versions of popular software. More details:


USA: DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators

www.dhs.gov/news/2021/07/20/dhs-announces-new-cybersecurity-requirements-critical-pipeline-owners-and-operators This Security Directive requires owners and operators of TSA-designated critical pipelines to implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems, develop and implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review.

You might be interested in …

Daily NCSC-FI news followup 2020-07-09

More evil: A deep look at Evilnum and its toolset www.welivesecurity.com/2020/07/09/more-evil-deep-look-evilnum-toolset/ In this article we connect the dots and disclose a detailed picture of Evilnums activities. The groups targets remain fintech companies, but its toolset and infrastructure have evolved and now consist of a mix of custom, homemade malware combined with tools purchased from Golden […]

Read More

Daily NCSC-FI news followup 2020-02-02

Firefox now shows what telemetry data it’s collecting about you www.zdnet.com/article/firefox-now-shows-what-telemetry-data-its-collecting-about-you/ Users can no go to about:telemetry and see what Mozilla is collecting about their Firefox installs. Poliisin ohje Nivalan Nuorisoseuran täydelle salille ikäihmisiä, miten pitää rahat ja omaisuus varkailta suojassa: “Jos Töllin Keijo soittaa teille, älkää antako tunnuslukua.” www.nivala-lehti.fi/uutinen/588218 Kun sosiaalisessa mediassa kuitenkin ollaan, […]

Read More

Daily NCSC-FI news followup 2019-09-29

German Cops Raid Cyberbunker 2.0, Arrest 7 in Child Porn, Dark Web Market Sting krebsonsecurity.com/2019/09/german-cops-raid-cyberbunker-2-0-arrest-7-in-child-porn-dark-web-market-sting/ German authorities said Friday theyd arrested seven people and were investigating six more in connection with the raid of a Dark Web hosting operation that allegedly supported multiple child porn, cybercrime and drug markets with hundreds of servers buried inside […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.