Daily NCSC-FI news followup 2021-09-26

Miten kiinalaisten puhelinten käy Suomessa? Näin kommentoivat operaattorit

www.is.fi/digitoday/mobiili/art-2000008286255.html Suomen operaattorikolmikko ottaa väitteet puhelinten tietoturvaongelmista vakavasti, mutta myynti jatkuu toistaiseksi normaalisti.

Hunting the LockBit Gang’s Exfiltration Infrastructures

yoroi.company/research/hunting-the-lockbit-gangs-exfiltration-infrastructures/

Colombian Real Estate Agency Leak Exposes Records of Over 100,000 Buyers

thehackernews.com/2021/09/colombian-real-estate-agency-leak.html More than one terabyte of data containing 5.5 million files has been left exposed, leaking personal information of over 100,000 customers of a Colombian real estate firm, according to cybersecurity company WizCase.

New ZE Loader Targets Online Banking Users

securityintelligence.com/posts/new-ze-loader-targets-online-banking/

How to Go Passwordless on Your Microsoft Account

www.wired.com/story/how-to-no-password-microsoft-account/ Despite being the default way that you get into most of your digital accounts, passwords aren’t really that securecertainly not compared to a fingerprint or a device that can act as a physical key. If someone gets hold of or guesses your password, they can pretend to be you from wherever they are in the world, especially if you don’t have two-factor authentication in place.

Daily NCSC-FI news followup 2020-03-15

CovidLock: Mobile Coronavirus Tracking App Coughs Up Ransomware www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-up-ransomware Cybercriminals like to exploit people when they are at their most vulnerable. They use dramatic events that cause people to be emotional or fearful to drive their profits. Any time there are major news cycles happening on a topic that stirs a strong reaction, cybercriminals will […]

Daily NCSC-FI news followup 2021-02-06

Google fixes Chrome zero-day actively exploited in the wild www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users. Eletrobras, Copel energy companies hit by ransomware attacks www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/ Centrais Eletricas Brasileiras (Eletrobras) and Companhia […]

Daily NCSC-FI news followup 2019-11-03

BlueKeep attacks are happening, but it’s not a worm www.zdnet.com/article/bluekeep-attacks-are-happening-but-its-not-a-worm/ Hackers are using BlueKeep to break into Windows systems and install a cryptocurrency miner. Security researchers have spotted the first mass-hacking campaign using the BlueKeep exploit; however, the exploit is not being used as a self-spreading worm, as Microsoft was afraid it would happen last […]