Daily NCSC-FI news followup 2021-10-19

Kyberturvallisuuskeskus kartoittaa jälleen suojaamattomia automaatiojärjestelmiä

www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kartoitus2021 Liikenne- ja viestintävirasto Traficomin Kyberturvallisuuskeskus etsii tietoverkoista suojaamattomia automaatiolaitteita. Työn tavoitteena on parantaa tilannekuvaa ja kyberturvallisuutta Suomessa. Saatuja tuloksia verrataan aikaisempien vuosien tuloksiin.

Oraclen lokakuun 2021 kriittiset korjaukset

www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_33/2021 Oracle on julkaissut ennakkotiedotteen 418 tietoturvapäivityksestä yhteensä 29 eri tuotteeseensa. Mukana on myös useita kymmeniä pienemmän kriittisyysluokan päivityksiä. Suosittelemme päivittämään nopeasti ja seuraamaan valmistajan ohjeita. Lisäksi:


Social Now Among Top Three Sectors to be Imitated in Phishing Attempts in Q3 2021

blog.checkpoint.com/2021/10/19/social-now-among-top-three-sectors-to-be-imitated-in-phishing-attempts-in-q3-2021/ Our latest Brand Phishing Report for Q3 2021 highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during July, August and September 2021.

Trickbot module descriptions

securelist.com/trickbot-module-descriptions/104603/ Over the years, Trickbot has acquired dozens of auxiliary modules that steal credentials and sensitive information, spread it over the local network using stolen credentials and vulnerabilities,

About 26% of all malicious JavaScript threats are obfuscated

www.bleepingcomputer.com/news/security/about-26-percent-of-all-malicious-javascript-threats-are-obfuscated/ A research that analyzed over 10, 000 samples of diverse malicious software written in JavaScript concluded that roughly 26% of it is obfuscated to evade detection and analysis.

LightBasin hacking group breaches 13 global telecoms in two years

www.bleepingcomputer.com/news/security/lightbasin-hacking-group-breaches-13-global-telecoms-in-two-years/ A group of hackers that security researchers call LightBasin has been compromising mobile telecommunication systems across the world for the past five years.

Cybersecurity Experts Warn of a Rise in Lyceum Hacker Group Activities in Tunisia

thehackernews.com/2021/10/cybersecurity-experts-warn-of-rise-in.html A threat actor, previously known for striking organizations in the energy and telecommunications sectors across the Middle East as early as April 2018, has evolved its malware arsenal to strike two entities in Tunisia.

LightBasin: A Roaming Threat to Telecommunications Companies

www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks/ CrowdStrike Services, CrowdStrike Intelligence and Falcon OverWatch have investigated multiple intrusions within the telecommunications sector from a sophisticated actor tracked as the LightBasin activity cluster, also publicly known as UNC1945.

Microsoft issues advisory for Surface Pro 3 TPM bypass vulnerability

www.bleepingcomputer.com/news/microsoft/microsoft-issues-advisory-for-surface-pro-3-tpm-bypass-vulnerability/ Microsoft has published an advisory regarding a security feature bypass vulnerability impacting Surface Pro 3 tablets which could allow threat actors to introduce malicious devices within enterprise environments.

South African police arrest eight romance scammers for stealing $6.85 million

therecord.media/south-african-police-arrest-eight-romance-scammers-for-stealing-6-85-million/ The South African Police Service has arrested eight suspects on charges of engaging in romance scams and stealing more than 100 million rand ($6.85 million) from victims.

Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services

thehackernews.com/2021/10/squirrel-engine-bug-could-let-attackers.html Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine.

A New Variant of FlawedGrace Spreading Through Mass Email Campaigns

thehackernews.com/2021/10/a-new-variant-of-flawedgrace-spreading.html ybersecurity researchers on Tuesday took the wraps off a mass volume email attack staged by a prolific cybercriminal gang affecting a wide range of industries, with one of its region-specific operations notably targeting Germany and Austria. Lisäksi:

www.proofpoint.com/us/blog/threat-insight/whatta-ta-ta505-ramps-activity-delivers-new-flawedgrace-variant. Lisäksi: threatpost.com/ta505-retooled-flawedgrace-rat/175559/

CSIRT – Law Enforcement Cooperation Workshop – 10 Years of Joint Efforts against Cybercrime

www.enisa.europa.eu/news/csirt-law-enforcement-cooperation-workshop-10-years-of-joint-efforts-against-cybercrime The European Union Agency for Cybersecurity, (ENISA) and Europol’s European Cybercrime Centre (EC3) organised the 10th Annual Workshop for CSIRTs and law enforcement.

You might be interested in …

Daily NCSC-FI news followup 2019-12-11

How we turned 5G into 5k medium.com/sensorfu/how-we-turned-5g-into-5k-a8636b549248 Hacking is a good way to learn and hackathons are a great place to learn with other like-minded people. And that was exactly what we had in mind when we invited our friends and signed in as a team to the first 5G hackathon in the world. We […]

Read More

Daily NCSC-FI news followup 2019-10-29

Industrial equipment to come under fire at the world’s largest hacking contest www.zdnet.com/article/industrial-equipment-to-come-under-fire-at-the-worlds-largest-hacking-contest/ Pwn2Own hacking contest to feature ICS SCADA targets for the first time. The next Pwn2Own contest is set to take place at the S4 ICS security conference that will be held in Miami South Beach on January 21-23, 2020. Microsoft: Russian hackers […]

Read More

Daily NCSC-FI news followup 2021-06-01

Ruotsi ja Norja vaativat Tanskalta selvitystä vakoiluväitteistä yle.fi/uutiset/3-11955732 Mediatietojen mukaan Tanskan puolustusministeri olisi tiennyt jo viime elokuussa, että Yhdysvaltain Kansallisen turvallisuuden virasto NSA on vakoillut Tanskan kautta useiden liittolaismaiden poliitikkoja ja virkamiehiä. Ruotsin ja Norjan puolustusministerit vaativat Tanskalta selvitystä mediatiedoista, joiden mukaan Yhdysvallat olisi vakoillut Tanskan kautta niiden poliitikkoja ja virkamiehiä, kertoo muun muassa Tanskan […]

Read More