Daily NCSC-FI news followup 2021-09-05

Malware found preinstalled in classic push-button phones sold in Russia

therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/ In a report published this week by a Russian security researcher named ValdikSS, push-button phones such as DEXP SD2810, Itel it2160, Irbis SF63, and F+ Flip 3 were caught subscribing users to premium SMS services and intercepting incoming SMS messages to prevent detection.

PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers

www.fireeye.com/blog/threat-research/2021/09/proxyshell-exploiting-microsoft-exchange-servers.html Mandiant responded to multiple intrusions impacting a wide variety of industries including Education, Government, Business services, and Telecommunications. These organizations are based in the United States, Europe, and Middle East. However, targeting is almost certainly broader than directly observed.. One specific targeted attack observed by Mandiant, detailed in this post, was against a US-based university where UNC2980 exploited ProxyShell vulnerabilities to gain access to the environment.

You might be interested in …

Daily NCSC-FI news followup 2019-11-03

BlueKeep attacks are happening, but it’s not a worm www.zdnet.com/article/bluekeep-attacks-are-happening-but-its-not-a-worm/ Hackers are using BlueKeep to break into Windows systems and install a cryptocurrency miner. Security researchers have spotted the first mass-hacking campaign using the BlueKeep exploit; however, the exploit is not being used as a self-spreading worm, as Microsoft was afraid it would happen last […]

Read More

Daily NCSC-FI news followup 2019-06-12

Kyberhyökkääjä iski Lahden kaupungin verkkoon haittaohjelma ehti saastuttaa tietokoneita yle.fi/uutiset/3-10827423 Lahden kaupungin verkkoon ja työasemiin kohdistui kyberhyökkäys tiistaina iltapäivällä. Hyökkäyksen seurauksena verkko kuormittui ja ohjelma ehti saastuttaa koneita. Haittaohjelma on tunnistettu, ja virustorjuntaohjelmisto eristää sen tartunnan saaneissa koneissa, , kertoo kaupunki tiedotteessaan. Operaattorin palomuureissa on havaittu haittaohjelmaan liittyviä yhteysavauksia ja verkkoliikennettä, joka on estetty.. Myös: […]

Read More

About the NCSC-FI daily news summary

The National Cyber Security Center of Finland provides a number of awesome services. One of those services is a news follow-up, which consists of the duty officers wading throught the masses of infosec news appearing every day and hand-picks the most important and significant ones. These are combined to an email digest, that is sent […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.