Daily NCSC-FI news followup 2021-08-29

A bad solar storm could cause an Internet apocalypse

arstechnica.com/science/2021/08/a-bad-solar-storm-could-cause-an-internet-apocalypse/ Scientists have known for decades that an extreme solar storm, or coronal mass ejection, could damage electrical grids and potentially cause prolonged blackouts. The repercussions would be felt everywhere from global supply chains and transportation to Internet and GPS access. Less examined until now, though, is the impact such a solar emission could have on Internet infrastructure specifically. New research shows that the failures could be catastrophic, particularly for the undersea cables that underpin the global Internet.

Filter JSON Data by Value with Linux jq

isc.sans.edu/forums/diary/Filter+JSON+Data+by+Value+with+Linux+jq/27792/ Since JSON has become more prevalent as a data service, unfortunately, it isn’t at all BASH friendly and manipulating JSON data at the command line with REGEX (i.e. sed, grep, etc.) is cumbersome and difficult to get the output I want. So, there is a Linux tool I use for this, jq is a tool specifically written to manipulate and filter the data I want (i.e. like scripting and extract the output I need) from large JSON file in an output format I can easily read and manipulate.

72-vuotias Maija menetti eläke­säästönsä Microsoft-huijari vei 23500 euroa

www.is.fi/digitoday/tietoturva/art-2000008222024.html 15000 euroa pankkitililtä ja 8500 euroa luottokortilla. Tämän eläkesäästöjen menetyksen kanssa joutuu nyt elämään Varsinais-Suomessa asuva Maija, 72 (nimi muutettu). Kaikki alkoi 4. elokuuta, kun Maijalla oli ongelmia uuden kannettavan tietokoneen kanssa. Huono-onnisen sattuman kautta huijari soitti juuri tällä hetkellä ja esittäytyi Microsoftin edustajaksi.

6 Things You Need to Do to Prevent Getting Hacked

www.wired.com/story/how-to-prevent-getting-hacked/ THERE ARE TWO big reasons why people get hacked. Flaws in software and flaws in human behavior. While theres not much you can do about coding vulnerabilities, you can change your own behavior and bad habits. Just ask former US president Donald Trump, whose Twitter password was maga2020! Or Boris Johnson, who revealed details of sensitive Zoom calls at the start of the pandemic in 2020. (These world leaders will have had specific security training from protection agencies too.). The risks are just as real for the average personeven if the stakes arent quite so high. If your accounts arent properly protected, your credit card could be compromised or your private messages and photographs stolen and shared for all to see.

GitHub Copilot Security Study: ‘Developers Should Remain Awake’ in View of 40% Bad Code Rate

visualstudiomagazine.com/articles/2021/08/26/github-copilot-security.aspx Researchers published a scholarly paper looking into security implications of GitHub Copilot, an advanced AI system now being used for code completion in Visual Studio Code and possibly headed for Visual Studio after its current preview period ends. In multiple scenario testing, some 40 percent of tested projects were found to include security vulnerabilities.

Winning the Cyber-Defense Race: Understand the Finish Line

threatpost.com/winning-cyber-defense-race/168996/ Kerry Matre, Mandiant senior director, clears up misconceptions about the value to business for enterprise cyber-defense. Hint: Its not achieving visibility. If you ask organizations about their top objectives, you will likely hear they need to increase visibility, reduce toolsets and adopt automation to counteract the cybersecurity skills gap. And what most dont realize is that these initiatives are driven by hurdles the industry has created for itself. Countless hours are spent trying to overcome hurdles in a process that doesnt get us any closer to thwarting threat actors. Consolidating tools, for example, is just a preservation tactic therein lies the problem. So, how can security professionals stop using Band-Aids and reevaluate whats really going on and how to defend against threats?

You might be interested in …

Daily NCSC-FI news followup 2020-10-05

Johdon ohjaus on ratkaisevaa yrityksen kyberkestävyyden kannalta www.huoltovarmuuskeskus.fi/johdon-ohjaus-on-ratkaisevaa-yrityksen-kyberkestavyyden-kannalta/ Johdon sitoutuminen ja ohjaus ratkaisevat yrityksen kyberkestävyyden ja sitä kautta liiketoiminnan jatkuvuuden. Suomessa finanssiala on pisimmällä kyberturvallisuudessa, kertoo Huoltovarmuusorganisaation Digipoolin teettämä kartoitus MosaicRegressor: Lurking in the Shadows of UEFI securelist.com/mosaicregressor/98849/ UEFI (or Unified Extensible Firmware Interface) has become a prominent technology that is embedded within designated chips […]

Read More

Daily NCSC-FI news followup 2021-09-19

An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/ A U.S. company’s tech was abused by the Indian government, amidst warnings Americans are contributing to a spyware industry already under fire for being out of control. Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign […]

Read More

Daily NCSC-FI news followup 2019-07-15

Lahdessa toivotaan kyberhyökkääjän jäävän kiinni”Tällainen toiminta ei ole mitään askartelua ja puuhastelua, vaan raakaa ammattimaista rikollisuutta” www.ess.fi/uutiset/paijathame/art2554035 Tietoturva-asiantuntijat antavat Lahdelle kiitosta ripeästä toiminnasta kesäkuisen kyberhyökkäyksen alettua. “Toiminta oli erittäin asiantuntevaa”, sanoo Kyberturvallisuuskeskuksen Kauto Huopio. Turla renews its arsenal with Topinambour securelist.com/turla-renews-its-arsenal-with-topinambour/91687/ 2019 has seen the Turla actor actively renew its arsenal. Its developers are still […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.