Daily NCSC-FI news followup 2021-09-05

Malware found preinstalled in classic push-button phones sold in Russia

therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/ In a report published this week by a Russian security researcher named ValdikSS, push-button phones such as DEXP SD2810, Itel it2160, Irbis SF63, and F+ Flip 3 were caught subscribing users to premium SMS services and intercepting incoming SMS messages to prevent detection.

PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers

www.fireeye.com/blog/threat-research/2021/09/proxyshell-exploiting-microsoft-exchange-servers.html Mandiant responded to multiple intrusions impacting a wide variety of industries including Education, Government, Business services, and Telecommunications. These organizations are based in the United States, Europe, and Middle East. However, targeting is almost certainly broader than directly observed.. One specific targeted attack observed by Mandiant, detailed in this post, was against a US-based university where UNC2980 exploited ProxyShell vulnerabilities to gain access to the environment.

You might be interested in …

Daily NCSC-FI news followup 2020-10-24

Vastaamon asiakkaat ovat saaneet henkilökohtaisia kiristysviestejä, viesteissä vaaditaan 200-500 euron arvosta bitcoineja Poliisi: “Kiristysviestin vaatimuksiin ei tule suostua” www.hs.fi/kotimaa/art-2000006698803.html Jos uhri ei maksa, kiristäjä uhkaa julkaista hänen tietonsa sisältäen henkilötietojen lisäksi tarkan potilaskertomuksen, joka sisältää litteroituna terapeutin kanssa käydyt keskustelut. Myös: Vastaamon asiakkaat saavat nyt kiristysviestejä sähköposteihinsa viesteissä vaaditaan 200-500 euron arvosta bitcoineja – yle.fi/uutiset/3-11612183 […]

Read More

Daily NCSC-FI news followup 2020-07-24

Garmin outage caused by confirmed WastedLocker ransomware attack www.bleepingcomputer.com/news/security/garmin-outage-caused-by-confirmed-wastedlocker-ransomware-attack/ Wearable device maker Garmin shut down some of its connected services and call centers on Thursday following what the company called a worldwide outage, now confirmed to be caused by a WastedLocker ransomware attack. Lisäksi www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/ ja www.forbes.com/sites/leemathews/2020/07/23/garmins-alleged-ransomware-wastedlocker-evil-corp/ ja thehackernews.com/2020/07/garmin-ransomware-attack.html ja threatpost.com/garmin-suffers-ransomware-attack/157698/ Poliisi varoittaa Microsoft huijaussoitoista […]

Read More

Daily NCSC-FI news followup 2020-12-11

AIVD exposes espionage network in the Netherlands; two Russian intelligence officers forced to leave the country english.aivd.nl/latest/news/2020/12/10/aivd-exposes-espionage-network-in-the-netherlands-two-russian-intelligence-officers-forced-to-leave-the-country Recently the General Intelligence and Security Service (“Algemene Inlichtingen- en Veiligheidsdienst” AIVD) disrupted the covert activities of an intelligence officer of the Russian civil intelligence agency SVR. The intelligence officer – who worked at the Russian Embassy in […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.