Daily NCSC-FI news followup 2021-09-23

KRP warns of a cunning Omakanta scam: here is how to protect yourself

www.is.fi/digitoday/tietoturva/art-2000008285667.html Police urge caution when logging in to an online service with banking credentials.

VoIP company battles massive ransom DDoS attack

www.zdnet.com/article/voip-company-battles-massive-ransom-ddos-attack/ VoIP company battles massive ransom DDoS attack. See also

www.is.fi/digitoday/art-2000008284709.html

FamousSparrow: A suspicious hotel guest

www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/ ESET researchers have uncovered a new cyberespionage group targeting hotels, governments, and private companies worldwide. We have named this group FamousSparrow and we believe it has been active since at least 2019. The group has been active since at least August 2019 and it mainly targets hotels worldwide. In addition, we have seen a few targets in other sectors such as governments, international organizations, engineering companies and law firms.

How Outlook autodiscover could leak your passwords and how to stop it

nakedsecurity.sophos.com/2021/09/23/how-outlook-autodiscover-could-leak-your-passwords-and-how-to-stop-it/

Hackers are scanning for VMware CVE-2021-22005 targets, patch now!

www.bleepingcomputer.com/news/security/hackers-are-scanning-for-vmware-cve-2021-22005-targets-patch-now/ Threat actors have already started targeting Internet-exposed VMware vCenter servers unpatched against a critical arbitrary file upload vulnerability patched yesterday that could lead to remote code execution.

Apple fixes another zero-day used to deploy NSO iPhone spyware

www.bleepingcomputer.com/news/apple/apple-fixes-another-zero-day-used-to-deploy-nso-iphone-spyware/ Apple has released security updates to fix three zero-day vulnerabilities exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions.

Cyber Threats to Global Electric Sector on the Rise

www.dragos.com/blog/industry-news/cyber-threats-to-global-electric-sector-on-the-rise/ The number of cyber intrusions and attacks targeting the Electric sector is increasing and in 2020 Dragos identified three new Activity Groups (AGs) targeting the Electric Sector: TALONITE, KAMACITE, and STIBNITE. A full two-thirds of the 15 AGs that Dragos actively tracks are performing Industrial Control Systems (ICS)-specific targeting activities focused on electric utility operations.

Brazen scam in Iltalehti's name: fake news story promises winnings of thousands of euros

www.iltalehti.fi/digiuutiset/a/775335c7-679c-4e6a-933c-be7785e840c6 Cybercriminals have created a site that imitates Iltalehti's genuine website.

100M IoT Devices Exposed By Zero-Day Bug

threatpost.com/100m-iot-devices-zero-day-bug/174963/ A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more. See also

www2.guardara.com/2021/09/23/guardara-uncovers-key-zero-day-vulnerability-in-popular-iot-message-broker-software/

Bitcoin.org Website Inaccessible After Being Hacked by Apparent Giveaway Scam

www.coindesk.com/tech/2021/09/23/bitcoinorg-appears-hacked-by-giveaway-scam/ The site could not be opened as of 05:44 UTC Thursday, after falling victim earlier in the day to an attack claiming it would double funds sent to it.

Google finds adware strain abusing novel file signature evasion technique

therecord.media/google-finds-adware-strain-abusing-novel-file-signature-evasion-technique/ One of Google's security teams said it found a malware strain abusing a new technique to evade detection from security products by cleverly modifying the digital signature of its payloads.

Researchers Find Malware Hiding in Windows Subsystem for Linux

www.tomshardware.com/news/researchers-find-windows-subsystem-linux-malware Black Lotus Labs revealed on Thursday that it’s discovered new malware that uses the Windows Subsystem for Linux (WSL) to avoid being detected by security tools.

REvil ransomware devs added a backdoor to cheat affiliates

www.bleepingcomputer.com/news/security/revil-ransomware-devs-added-a-backdoor-to-cheat-affiliates/ Cybercriminals are slowly realizing that the REvil ransomware operators may have been hijacking ransom negotiations, to cut affiliates out of payments.

Italian mafia cybercrime sting leads to 100+ arrests

blog.malwarebytes.com/scams/2021/09/italian-mafia-cybercrime-sting-leads-to-100-arrests/ The Spanish National Police (Policía Nacional) has successfully dismantled an organized crime ring of hundreds of members in a sting operation supported by Europol, the Italian National Police (Polizia di Stato), and Eurojust. This is the end result of a year-long investigation.
