Daily NCSC-FI news followup 2021-09-24

SonicWall warns users to patch critical vulnerability as soon as possible

blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/sonicwall-warns-users-to-patch-critical-vulnerability-as-soon-as-possible/ SonicWall has issued a security notice about its SMA 100 series of appliances. The vulnerability could potentially allow a remote unauthenticated attacker the ability to delete arbitrary files from a SMA 100 series appliance and gain administrator access to the device.

Uusi pankkihuijaus haluaa tunnukset 8 tunnissa erottaisitko itse tämän sivun aidosta?

www.is.fi/digitoday/tietoturva/art-2000008286937.html SÄHKÖPOSTITSE levitetään parhaillaan Nordean nimissä huijausta, jossa käyttäjälle esitetään vaatimus tunnistautua uudelleen kahdeksan tunnin kuluessa sähköpostin saamisesta lukien.

Uudenlainen huijaus: Varo maksu­pyyntöä MobilePayssa Kelan nimissä

www.is.fi/digitoday/tietoturva/art-2000008287326.html KELA varoittaa nimissään MobilePay-rahansiirtosovelluksessa tehtävästä huijauksesta. Maksupyyntö on naamioitu etuisuuden takaisinmaksupyynnöksi.. katso myös

www.kela.fi/ajankohtaista-henkiloasiakkaat/-/asset_publisher/kg5xtoqDw6Wf/content/kelan-nimissa-huijataan-rahaa-mobilepay-sovelluksessa

Major European call center provider goes down in ransomware attack

therecord.media/major-european-call-center-provider-goes-down-in-ransomware-attack/ GSS, the Spanish and Latin America division of Covisian, one of Europes largest customer care and call center providers, has suffered a debilitating ransomware attack that froze a large part of its IT systems and crippled call centers across its Spanish-speaking customerbase.

German Election: Phishing Attacks and Disinformation Campaigns Target Parliament Members

quointelligence.eu/2021/09/cybersecurity-and-german-election/

EU officially blames Russia for ‘Ghostwriter’ hacking activities

www.bleepingcomputer.com/news/security/eu-officially-blames-russia-for-ghostwriter-hacking-activities/ The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile EU officials, journalists, and the general public.. “These malicious cyber activities are targeting numerous members of Parliaments, government officials, politicians, and members of the press and civil society in the EU by accessing computer systems and personal accounts and stealing data,” European Council officials said in a press release today.. see also

www.consilium.europa.eu/en/press/press-releases/2021/09/24/declaration-by-the-high-representative-on-behalf-of-the-european-union-on-respect-for-the-eu-s-democratic-processes/

 Researcher drops three iOS zero-days that Apple refused to fix

www.bleepingcomputer.com/news/security/researcher-drops-three-ios-zero-days-that-apple-refused-to-fix/ Proof-of-concept exploit code for three iOS zero-day vulnerabilities (and a fourth one patched in July) was published on GitHub after Apple delayed patching and failed to credit the researcher.

Emergency Google Chrome update fixes zero-day exploited in the wild

www.bleepingcomputer.com/news/security/emergency-google-chrome-update-fixes-zero-day-exploited-in-the-wild/ Google has released Chrome 94.0.4606.61 for Windows, Mac, and Linux, an emergency update addressing a high-severity zero-day vulnerability exploited in the wild.

Bug in macOS Finder allows remote code execution

www.welivesecurity.com/2021/09/23/bug-macos-finder-remote-code-execution/ While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented

Microsoft rushes to register Autodiscover domains leaking credentials

www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/ Microsoft is rushing to register Internet domains used to steal Windows credentials sent from faulty implementations of the Microsoft Exchange Autodiscover protocol.

State-sponsored hacking group targets Port of Houston using Zoho zero-day

therecord.media/state-sponsored-hacking-group-targets-port-of-houston-using-zoho-zero-day/ A suspected state-sponsored hacking group has attempted to breach the network of the Port of Houston, one of the largest port authorities in the US, using a zero-day vulnerability in a Zoho user authentication appliance, CISA officials said in a Senate hearing today.

Exploits imminent for critical VMware vCenter CVE-2021-22005 bug

www.bleepingcomputer.com/news/security/exploits-imminent-for-critical-vmware-vcenter-cve-2021-22005-bug/ Exploit code that could be used to achieve remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 is currently spreading online.

You might be interested in …

Daily NCSC-FI news followup 2020-11-17

Nordean tietomurrosta kahdelle vankeutta yhden syytteet hylättiin Pohjanmaan käräjäoikeudessa yle.fi/uutiset/3-11652084?origin=rss Rikokset ajoittuivat kesään 2019. Käräjäoikeus määräsi tiistaina tuomitut maksamaan pankille yhteensä yli 276 000 euroa vahingonkorvauksia. Delhin poliisi pidätti 17 ihmistä “Microsoftin palvelukeskuksesta” www.tivi.fi/uutiset/tv/79cbdf6d-9551-46b5-b6ff-06a378686a75 Poliisin antamien tietojen mukaan huijariporukka oli ehtinyt petkuttaa ihmisiä jo runsaan vuoden ajan. Uhrien määräksi kerrotaan 2268 ja saaliiksi runsaat 0, […]

Read More

Daily NCSC-FI news followup 2021-04-05

Supply chain attacks: what we know about the SolarWinds Sunburst’ exploit, and why it still matters blog.checkpoint.com/2021/04/05/supply-chain-attacks-what-we-know-about-the-solarwinds-sunburst-exploit-and-why-it-still-matters/ In a press conference, more than 2 months after the incident, the U.S. deputy national security advisor said that investigators were still in the “beginning stages” of understanding the scope and scale of the attack. What makes the […]

Read More

Daily NCSC-FI news followup 2020-05-04

F-Secure varoitti äsken haavoittuvuuksista nyt alkoivat hyökkäykset www.tivi.fi/uutiset/tv/45c37640-e8d3-416b-a501-b10979428311 Salt-sovellus ei välttämättä ole tuttu suurelle yleisölle, mutta järjestelmien ylläpitäjille se on. Sitä käytetään palvelinten hallintaan datakeskuksissa, pilvessä ja yritysten omissa konesaleissa. ZDnet kirjoittaa, että viikonlopun aikana hakkerit ovat uutterasti nuuskineet verkosta Salt-asennuksia. Hyökkäyksiä on myös tehty. Kohteiksi ovat joutuneet ainakin LineageOS -mobiilikäyttöjärjestelmän kehittäjät, Ghost-blogialusta sekä sertifikaattiviranomainen […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.