Daily NCSC-FI news followup 2021-09-26

Miten kiinalaisten puhelinten käy Suomessa? Näin kommentoivat operaattorit

www.is.fi/digitoday/mobiili/art-2000008286255.html Suomen operaattorikolmikko ottaa väitteet puhelinten tietoturvaongelmista vakavasti, mutta myynti jatkuu toistaiseksi normaalisti.

Hunting the LockBit Gang’s Exfiltration Infrastructures

yoroi.company/research/hunting-the-lockbit-gangs-exfiltration-infrastructures/

Colombian Real Estate Agency Leak Exposes Records of Over 100,000 Buyers

thehackernews.com/2021/09/colombian-real-estate-agency-leak.html More than one terabyte of data containing 5.5 million files has been left exposed, leaking personal information of over 100,000 customers of a Colombian real estate firm, according to cybersecurity company WizCase.

New ZE Loader Targets Online Banking Users

securityintelligence.com/posts/new-ze-loader-targets-online-banking/

How to Go Passwordless on Your Microsoft Account

www.wired.com/story/how-to-no-password-microsoft-account/ Despite being the default way that you get into most of your digital accounts, passwords aren’t really that securecertainly not compared to a fingerprint or a device that can act as a physical key. If someone gets hold of or guesses your password, they can pretend to be you from wherever they are in the world, especially if you don’t have two-factor authentication in place.

You might be interested in …

Daily NCSC-FI news followup 2020-12-24

Windows zero-day with bad patch gets new public exploit code www.bleepingcomputer.com/news/security/windows-zero-day-with-bad-patch-gets-new-public-exploit-code/ Back in June, Microsoft released a fix for a vulnerability in the Windows operating system that enabled attackers to increase their permissions to kernel level on a compromised machine. The patch did not stick.. The issue, which advanced hackers exploited as a zero-day in […]

Read More

[NCSC-FI News] Threat Advisory: Opportunistic cyber criminals take advantage of Ukraine invasion

Since the beginning of the war in Ukraine, we have observed threat actors using email lures with themes related to the conflict, including humanitarian assistance and various types of fundraising. This activity has been increasing since the end of February. Source: Read More (NCSC-FI daily news followup)

Read More

[NCSC-FI News] Assembling the Russian Nesting Doll: UNC2452 Merged into APT29

Mandiant has gathered sufficient evidence to assess that the activity tracked as UNC2452, the group name used to track the SolarWinds compromise in December 2020, is attributable to APT29. Source: Read More (NCSC-FI daily news followup)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.