Daily NCSC-FI news followup 2021-09-23

National Bureau of Investigation (KRP) warns of a cunning Omakanta scam: here is how to protect yourself

www.is.fi/digitoday/tietoturva/art-2000008285667.html Police urge caution when logging in to an online service with online banking credentials.

VoIP company battles massive ransom DDoS attack

www.zdnet.com/article/voip-company-battles-massive-ransom-ddos-attack/ VoIP company battles massive ransom DDoS attack. See also


FamousSparrow: A suspicious hotel guest

www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/ ESET researchers have uncovered a new cyberespionage group targeting hotels, governments, and private companies worldwide. We have named this group FamousSparrow and we believe it has been active since at least 2019. The group has been active since at least August 2019 and it mainly targets hotels worldwide. In addition, we have seen a few targets in other sectors such as governments, international organizations, engineering companies and law firms.

How Outlook autodiscover could leak your passwords and how to stop it


Hackers are scanning for VMware CVE-2021-22005 targets, patch now!

www.bleepingcomputer.com/news/security/hackers-are-scanning-for-vmware-cve-2021-22005-targets-patch-now/ Threat actors have already started targeting Internet-exposed VMware vCenter servers unpatched against a critical arbitrary file upload vulnerability patched yesterday that could lead to remote code execution.

Apple fixes another zero-day used to deploy NSO iPhone spyware

www.bleepingcomputer.com/news/apple/apple-fixes-another-zero-day-used-to-deploy-nso-iphone-spyware/ Apple has released security updates to fix three zero-day vulnerabilities exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions.

Cyber Threats to Global Electric Sector on the Rise

www.dragos.com/blog/industry-news/cyber-threats-to-global-electric-sector-on-the-rise/ The number of cyber intrusions and attacks targeting the Electric sector is increasing and in 2020 Dragos identified three new Activity Groups (AGs) targeting the Electric Sector: TALONITE, KAMACITE, and STIBNITE. A full two-thirds of the 15 AGs that Dragos actively tracks are performing Industrial Control Systems (ICS)-specific targeting activities focused on electric utility operations.

Brazen scam in Iltalehti's name: fake news story promises winnings of thousands of euros

www.iltalehti.fi/digiuutiset/a/775335c7-679c-4e6a-933c-be7785e840c6 Cybercriminals have created a site that imitates Iltalehti's genuine site.

100M IoT Devices Exposed By Zero-Day Bug

threatpost.com/100m-iot-devices-zero-day-bug/174963/ A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more. See also


Bitcoin.org Website Inaccessible After Being Hacked by Apparent Giveaway Scam

www.coindesk.com/tech/2021/09/23/bitcoinorg-appears-hacked-by-giveaway-scam/ The site could not be opened as of 05:44 UTC Thursday, after falling victim earlier in the day to an attack claiming it would double funds sent to it.

Google finds adware strain abusing novel file signature evasion technique

therecord.media/google-finds-adware-strain-abusing-novel-file-signature-evasion-technique/ One of Google's security teams said it found a malware strain abusing a new technique to evade detection from security products by cleverly modifying the digital signature of its payloads.

Researchers Find Malware Hiding in Windows Subsystem for Linux

www.tomshardware.com/news/researchers-find-windows-subsystem-linux-malware Black Lotus Labs revealed on Thursday that it’s discovered new malware that uses the Windows Subsystem for Linux (WSL) to avoid being detected by security tools.

REvil ransomware devs added a backdoor to cheat affiliates

www.bleepingcomputer.com/news/security/revil-ransomware-devs-added-a-backdoor-to-cheat-affiliates/ Cybercriminals are slowly realizing that the REvil ransomware operators may have been hijacking ransom negotiations, to cut affiliates out of payments.

Italian mafia cybercrime sting leads to 100+ arrests

blog.malwarebytes.com/scams/2021/09/italian-mafia-cybercrime-sting-leads-to-100-arrests/ The Spanish National Police (Policía Nacional) has successfully dismantled an organized crime ring of hundreds of members in a sting operation supported by Europol, the Italian National Police (Polizia di Stato), and Eurojust. This is the end result of a year-long investigation.
