Daily NCSC-FI news followup 2021-09-20

Alaska discloses ‘sophisticated’ nation-state cyberattack on health service

therecord.media/alaska-discloses-sophisticated-nation-state-cyberattack-on-health-service/ A nation-state cyber-espionage group has gained access to the IT network of the Alaska Department of Health and Social Service (DHSS), the agency said last week. While the DHSS made the incident public on May 18 and published two updates in June and August, the agency did not reveal any details about the intrusion until last week, when it officially dispelled the rumor that this was a ransomware attack.

US farmer cooperative hit by $5.9M BlackMatter ransomware attack

www.bleepingcomputer.com/news/security/us-farmer-cooperative-hit-by-59m-blackmatter-ransomware-attack/ U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor. In a weekend ransomware attack, the threat actors demand a 5.9 million dollar ransom, which will increase to $11.8 million if a ransom is not paid in five days.

EventBuilder misconfiguration exposes Microsoft event registrant data

www.bleepingcomputer.com/news/security/eventbuilder-misconfiguration-exposes-microsoft-event-registrant-data/ Personal details of registrants to virtual events available through the EventBuilder platform have stayed accessible over the public internet, open to indexing by various engines. EventBuilder is a software solution for creating virtual events (webinars, training, online learning, conferences) using Microsoft technologies and integrates with Microsoft Teams and Teams Live Events extension.

Information meant to be confidential found again in empty hospital premises

yle.fi/uutiset/3-12107416 The data-protected material found in the locked premises has been destroyed, and the data breaches have been reported to the Office of the Data Protection Ombudsman. Information meant to be confidential has again been found in empty hospital premises in the Pirkanmaa Hospital District. This is already the third time within a short period.

VoIP.ms phone services disrupted by DDoS extortion attack

www.bleepingcomputer.com/news/security/voipms-phone-services-disrupted-by-ddos-extortion-attack/ Threat actors are targeting voice-over-Internet provider VoIP.ms with a DDoS attack and extorting the company to stop the assault that’s severely disrupting the company’s operation. VoIP.ms is an Internet phone service company that provides affordable voice-over-IP service to businesses around the world.

iOS 15 Is Available Now With These Stunning New iPhone Privacy Features

www.forbes.com/sites/kateoflahertyuk/2021/09/20/ios-15-is-available-now-with-these-stunning-new-iphone-privacy-features/ It’s been a long time coming but iOS 15 is now available, along with a bunch of stunning new iPhone privacy features you can start using straight away.

An in-depth analysis of ExpressVPN’s terrible, horrible, no good, very bad week

www.zdnet.com/article/trust-but-verify-an-in-depth-analysis-of-expressvpns-terrible-horrible-no-good-very-bad-week/ ExpressVPN has been all over the news for the past week, and not in a good way. Kape Technologies has announced plans to acquire ExpressVPN for $986 million. Kape was once considered a malware provider. Additionally, a report in Reuters indicates that ExpressVPN CIO Daniel Gericke is among three men fined $1.6 million by the US Department of Justice for hacking and spying on US citizens on behalf of the government of the UAE (United Arab Emirates).

A Journey in Organizational Cyber Resilience Part 2: Business Continuity

securityintelligence.com/articles/organizational-cyber-resilience-part-2-business-continuity/ Keeping a business up and running during a problem takes the right people for the job. When it comes to cyber resilience through tough times, many things come down to the human factor. We focused on that in the first piece in this series, but it also makes a big difference to the second topic: business continuity. So, how do you make sure that your business processes and functions keep running during a disruption?

#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports

isc.sans.edu/diary/rss/27852 After the “OMIGOD” vulnerability details were made public, and it became obvious that exploiting vulnerable hosts would be trivial, researchers and attackers started pretty much immediately to scan for vulnerable hosts.
