Daily NCSC-FI news followup 2021-07-22

Akamai DNS global outage takes down major websites, online services

www.bleepingcomputer.com/news/security/akamai-dns-global-outage-takes-down-major-websites-online-services/ Akamai is investigating an ongoing outage affecting many major websites and online services, including Steam, the PlayStation Network, Newegg, Cloudflare, AWS, Amazon, Google, and Salesforce. Root cause – Akamai Edge DNS was down:

edgedns.status.akamai.com/incidents/n5zl6dythvfv

Researchers Hid Malware Inside an AI’s ‘Neurons’ And It Worked Scarily Well

www.vice.com/en/article/bvzp78/researchers-hid-malware-inside-an-ais-neurons-and-it-worked-scarily-well

Long-awaited bill would force breach victims to contact CISA

www.scmagazine.com/analysis/breach/long-awaited-bill-would-force-breach-victims-to-contact-cisa The Cyber Incident Notification Act would give federal agencies, government contractors, and critical infrastructure owners and operators 24 hours to report breaches to CISA

Kaseya obtains REvil decryptor, starts customer data recovery operations

therecord.media/kaseya-obtains-revil-decryptor-starts-customer-data-recovery-operations/

Homoglyph domains used in BEC scams shut down by Microsoft

www.bitdefender.com/blog/hotforsecurity/homoglyph-domains-used-in-bec-scams-shut-down-by-microsoft 17 domains used in Business Email Compromise (BEC) scams have been seized by Microsoft’s Digital Crimes Unit (DCU), following an investigation by the software giant into attacks that could have stolen millions of dollars from innocent firms.

1, 000 GB of local government data exposed by Massachusetts software company

www.zdnet.com/article/1000-gb-of-local-government-data-exposed-by-massachusetts-software-company/ A group of ethical researchers found over 80 misconfigured Amazon S3 buckets holding data related to about 100 municipalities across the Northeast.

Atlassian asks customers to patch critical Jira vulnerability

www.bleepingcomputer.com/news/security/atlassian-asks-customers-to-patch-critical-jira-vulnerability/ Atlassian is prompting its enterprise customers to patch a critical remote code execution vulnerability in many versions of its Jira Data Center and Jira Service Management Data Center products.

Bittium sai ensimmäiset tilaukset Viron puolustusvoimilta arvo 1, 4 miljoonaa euroa

www.tivi.fi/uutiset/tv/6b1444d6-5f5b-4f72-ae4a-e4691718c434

You might be interested in …

Daily NCSC-FI news followup 2021-12-02

Suur­isku verkko­rikollisuuteen: 1­803 pidätetty, 67, 5 miljoonaa euroa pelastettu www.is.fi/digitoday/tietoturva/art-2000008447466.html Euroopan poliisivirasto Europol tiedottaa kansainvälisestä suuroperaatiosta verkkorikollisuutta vastaan. Sarjassaan seitsemäs Emma-operaatio (European Money Mule Action) käsitti 27 maata, Suomi mukaan lukien, ja keskittyi rikollisuuden avulla hankittujen rahojen pesemiseen niin sanottujen muulien avulla. See also: www.europol.europa.eu/newsroom/news/european-money-mule-action-leads-to-1-803-arrests Emotet now spreads via fake Adobe Windows App Installer packages […]

Read More

Daily NCSC-FI news followup 2019-12-15

(Lazy) Sunday Maldoc Analysis: A Bit More … isc.sans.edu/forums/diary/Lazy+Sunday+Maldoc+Analysis+A+Bit+More/25608/ At the end of my diary entry “(Lazy) Sunday Maldoc Analysis”, I wrote that there was something unusal about this document. Let’s take a look at the content of the file and compare that with the file size. Luulitko älylukon olevan turvallinen? Varoittava esimerkki panee miettimään […]

Read More

Daily NCSC-FI news followup 2021-11-09

Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus www.microsoft.com/security/blog/2021/11/08/threat-actor-dev-0322-exploiting-zoho-manageengine-adselfservice-plus/ Microsoft has detected exploits being used to compromise systems running the ZOHO ManageEngine ADSelfService Plus software versions vulnerable to CVE-2021-40539 in a targeted campaign. Our colleagues at Palo Alto Unit 42 have also highlighted this activity in their recent blog. We thank Unit 42 for their […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.