Daily NCSC-FI news followup 2021-10-10

71% of Security Pros Find Patching to be Complex and Time Consuming, Ivanti Study Confirms

www.darkreading.com/vulnerabilities-threats/71-of-security-pros-find-patching-to-be-complex-and-time-consuming-ivanti-study-confirms Ivanti, the automation platform that discovers, manages, secures, and services IT assets from cloud to edge, today announced the results of a survey that found a resounding majority (71%) of IT and security professionals found patching to be overly complex, cumbersome, and time consuming. In fact, 57% of respondents stated that remote work has increased the complexity and scale of patch management.

Scanning for Previous Oracle WebLogic Vulnerabilities

isc.sans.edu/forums/diary/Scanning+for+Previous+Oracle+WebLogic+Vulnerabilities/27918/ In the past few weeks, I have captured multiple instances of traffic related to some past Oracle vulnerabilities that have already been patched. The first is related to a RCE (CVE-2017-10271) that can be triggered to execute commands remotely by bypassing the CVE-2017-3506 patch’s limitations. The POST contains an init.sh script which doesn’t appear to be available for download. The second example is a vulnerability in the Oracle WebLogic Server component related to a Deserialization Vulnerability (CVE-2019-2725).

Bank of America insider charged with money laundering for BEC scams

www.bleepingcomputer.com/news/security/bank-of-america-insider-charged-with-money-laundering-for-bec-scams/ The U.S. District Court for the Eastern District of Virginia has charged three men with money laundering and aggravated identity theft after allegedly conducting a business email compromise (BEC) scheme. BEC scams use various tactics (including social engineering, malware, hacking, and phishing) to compromise or impersonate business email accounts with the end goal of redirecting pending or future payments to bank accounts under a threat actor’s control.

Avoid these: Here are the 3 worst security blunders

www.is.fi/digitoday/tietoturva/art-2000008263579.html The U.S. cyber authority CISA (Cybersecurity and Infrastructure Security Agency) identifies three bad mistakes that can expose critical infrastructure to attacks. CISA's guidance is aimed at U.S. companies and organizations, but it is also helpful for ordinary consumers in Finland.

Security guru Mikko Hyppönen shares tips in his new book: Write a wrong PIN code on your bank card with a marker

www.iltalehti.fi/tietoturva/a/b5833240-20d9-46bb-9c4c-85c4f2e9467e Mikko Hyppönen, Chief Research Officer at the security company F-Secure, explains in his new book (Internet, WSOY) how to tackle the most common security problems in which the human is the weakest link. The following excerpts are direct quotes from the new book by Finland's best-known security guru.

Fake sensors infiltrate networks: currently the most common way systems are breached

www.tivi.fi/uutiset/tv/1f5c9a14-32bb-4ce0-a39d-e9374a53ec02 Last May the United States nearly came to a standstill. A cyberattack was carried out against the country's largest fuel pipeline, as a result of which not a single litre of gasoline, diesel, jet fuel or heating oil was moved through the nearly 9,000-kilometre pipeline system. Insta Group CEO Henry Nieminen highlights one extremely important matter: how companies could either prevent cyberattacks entirely or at least keep their damage to a minimum.

Ransomware: Cyber criminals are still exploiting these old vulnerabilities, so patch now

www.zdnet.com/article/ransomware-cyber-criminals-are-still-exploiting-years-old-vulnerabilities-to-launch-attacks/ Some of the cybersecurity vulnerabilities most commonly exploited by cybercriminals to help distribute ransomware are years old — but attackers are still able to take advantage of them because security updates aren’t being applied. Cybersecurity researchers at Qualys examined the Common Vulnerabilities and Exposures (CVEs) most used in ransomware attacks in recent years. They found that some of these vulnerabilities have been known for almost a decade and had vendor patches available.

McAfee/FireEye merger completed, CEO says automation only way forward for cybersecurity

www.zdnet.com/article/mcafeefireeye-merger-completed-ceo-says-automation-only-way-forward-for-cybersecurity/ McAfee Enterprise and FireEye completed their merger on Friday, closing the $1.2 billion, all cash transaction that merges the two cybersecurity giants. FireEye announced the sale of its FireEye Products business to a consortium led by Symphony Technology Group (STG) in July, separating the company’s network, email, endpoint and cloud security products from Mandiant’s software and services.
