Daily NCSC-FI news followup 2021-07-22

Akamai DNS global outage takes down major websites, online services

www.bleepingcomputer.com/news/security/akamai-dns-global-outage-takes-down-major-websites-online-services/ Akamai is investigating an ongoing outage affecting many major websites and online services, including Steam, the PlayStation Network, Newegg, Cloudflare, AWS, Amazon, Google, and Salesforce. Root cause – Akamai Edge DNS was down:

edgedns.status.akamai.com/incidents/n5zl6dythvfv

Researchers Hid Malware Inside an AI’s ‘Neurons’ And It Worked Scarily Well

www.vice.com/en/article/bvzp78/researchers-hid-malware-inside-an-ais-neurons-and-it-worked-scarily-well

Long-awaited bill would force breach victims to contact CISA

www.scmagazine.com/analysis/breach/long-awaited-bill-would-force-breach-victims-to-contact-cisa The Cyber Incident Notification Act would give federal agencies, government contractors, and critical infrastructure owners and operators 24 hours to report breaches to CISA

Kaseya obtains REvil decryptor, starts customer data recovery operations

therecord.media/kaseya-obtains-revil-decryptor-starts-customer-data-recovery-operations/

Homoglyph domains used in BEC scams shut down by Microsoft

www.bitdefender.com/blog/hotforsecurity/homoglyph-domains-used-in-bec-scams-shut-down-by-microsoft 17 domains used in Business Email Compromise (BEC) scams have been seized by Microsoft’s Digital Crimes Unit (DCU), following an investigation by the software giant into attacks that could have stolen millions of dollars from innocent firms.

1, 000 GB of local government data exposed by Massachusetts software company

www.zdnet.com/article/1000-gb-of-local-government-data-exposed-by-massachusetts-software-company/ A group of ethical researchers found over 80 misconfigured Amazon S3 buckets holding data related to about 100 municipalities across the Northeast.

Atlassian asks customers to patch critical Jira vulnerability

www.bleepingcomputer.com/news/security/atlassian-asks-customers-to-patch-critical-jira-vulnerability/ Atlassian is prompting its enterprise customers to patch a critical remote code execution vulnerability in many versions of its Jira Data Center and Jira Service Management Data Center products.

Bittium sai ensimmäiset tilaukset Viron puolustusvoimilta arvo 1, 4 miljoonaa euroa

www.tivi.fi/uutiset/tv/6b1444d6-5f5b-4f72-ae4a-e4691718c434

You might be interested in …

Daily NCSC-FI news followup 2020-03-25

Updated protection for Microsoft Office 365 www.kaspersky.com/blog/office-365-protection-update/34412/ In the context of the coronavirus pandemic, there is a growing need to protect collaborative software. We updated Kaspersky Security for Microsoft Office 365 and extended the free license period to six months. US Government Sites Give Bad Security Advice krebsonsecurity.com/2020/03/us-government-sites-give-bad-security-advice/ Many U.S. government Web sites now carry […]

Read More

Daily NCSC-FI news followup 2019-10-05

Vulnerabilities Exploited in Multiple VPN Applications www.us-cert.gov/ncas/current-activity/2019/10/04/vulnerabilities-exploited-multiple-vpn-applications The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. DHS and FDA warn about much broader […]

Read More

Daily NCSC-FI news followup 2020-12-30

DHS orders federal agencies to update SolarWinds Orion platform www.bleepingcomputer.com/news/security/dhs-orders-federal-agencies-to-update-solarwinds-orion-platform/ The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all US federal agencies to update the SolarWinds Orion platform to the latest version by the end of business hours on December 31, 2020. Microsoft: SolarWinds hackers’ goal was the victims’ cloud data www.bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-goal-was-the-victims-cloud-data/ Microsoft says […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.