Daily NCSC-FI news followup 2021-10-24

Verkkopankkitunnusten kalastelu jyrkässä nousussa

yle.fi/uutiset/3-12157789 Tänä vuonna tehdään ennätyksiä tunnuskalasteluun menneissä rahamäärissä, sanoo tietoturva-asiantuntija Ville Kontinen liikenne- ja viestintävirasto Traficomista. Poliisin kyberrikostorjuntakeskuksen tietojen mukaan verkkopankkitunnusten kalastelulla on aiheutettu tänä vuonna jo yli 8, 5 miljoonan euron vahingot. Valeverkkopankkeihin on kirjautunut tänä vuonna jo satoja suomalaisia.

BlackMatter ransomware victims quietly helped using secret decryptor

www.bleepingcomputer.com/news/security/blackmatter-ransomware-victims-quietly-helped-using-secret-decryptor/ Cybersecurity firm Emsisoft has been secretly decrypting BlackMatter ransomware victims since this summer, saving victims millions of dollars. Emsisoft and its CTO Fabian Wosar have been helping ransomware victims recover their files since 2012. Since then Wosar and others have been working tirelessly to find flaws in ransomware’s encryption algorithms that allow decryptors to be made.

Kaveripyyntö Facebookissa johti 130 000 euron valerahankeräykseen ja hääsuunnitelmiin perheenäiti Jonna Janetzko vastahuijaa netin auervaaroja

yle.fi/uutiset/3-12152554 Huijauksen keinot uusiutuvat sitä mukaa, kun vanhat tulevat tunnetuiksi, sanoo ylilääkäri Hannu Lauerma. Jonna Janetzkon vastahuijausprojektissa on mukana kymmeniä vastahuijareita ja ainakin 50 huijattavaa huijaria.

FTC: ISPs collect and monetize far more user data than you’d think

www.bleepingcomputer.com/news/security/ftc-isps-collect-and-monetize-far-more-user-data-than-you-d-think/ The Federal Trade Commission (FTC) found that the six largest internet service providers (ISPs) in the U.S. collect and share customers’ personal data without providing them with info on how it’s used or meaningful ways to control this process. “Many internet service providers (ISPs) collect and share far more data about their customers than many consumers may expectincluding access to all of their Internet traffic and real-time location datawhile failing to offer consumers meaningful choices about how this data can be used, ” the FTC said.

You might be interested in …

Daily NCSC-FI news followup 2021-08-05

Energy group ERG reports minor disruptions after ransomware attack www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/ Italian energy company ERG reports “only a few minor disruptions” affecting its information and communications technology (ICT) infrastructure following a ransomware attack on its systems. Linux version of BlackMatter ransomware targets VMware ESXi servers www.bleepingcomputer.com/news/security/linux-version-of-blackmatter-ransomware-targets-vmware-esxi-servers/ The BlackMatter gang has joined the ranks of ransomware operations […]

Read More

Daily NCSC-FI news followup 2020-08-22

Grandoreiro banking trojan impersonates Spains tax agency www.welivesecurity.com/2020/08/21/grandoreiro-banking-trojan-impersonates-spain-tax-agency/ Although its been some weeks since the height of the income tax season in many countries around the globe, the year 2020 has been looking less than normal even for cybercriminal activity. For several months, various threat actors have been attempting to impersonate governmental organizations, such as […]

Read More

[NCSC-FI News] FBI warns of new reverse instant payments banking scam

FBI issued an alert earlier this month detailing a new way scammers have been successfully swindling victims in the USA. The criminals use social engineering to trick victims into thinking that they are transferring funds to themselves Bad actors initially approach the potential victims via text messages and then continue the interaction via phone. The […]

Read More