Daily NCSC-FI news followup 2021-11-07

House approves massive infrastructure plan that includes $1.9 billion for cybersecurity

therecord.media/house-approves-massive-infrastructure-plan-that-includes-1-9-billion-for-cybersecurity/ The U.S. House of Representatives on Friday approved $1.2 trillion infrastructure bill that will investment nearly $2 billion in cybersecurity efforts throughout the federal government. The measure incorporates the Cyber Response and Recovery Act, which authorizes $100 million over five years to support federal response to cyber incidents. It also allows the Homeland Security Secretary, working with the National Cyber Director, to declare a significant cyber incident. CISA would coordinate the response to the event and tap the emergency fund to help both private companies, and the government, recover from cyberattacks.

Hackers Apologize to Arab Royal Families for Leaking Their Data

www.vice.com/en/article/n7nw8m/conti-ransomware-hackers-apologize-to-arab-royal-families-for-leaking-their-data In October, the infamous ransomware gang known as Conti released thousands of files stolen from the UK jewelry store Graff. Among the data Conti leaked, there were sensitive files belonging to celebrities like David Beckham, Oprah Winfrey, and Donald Trump, according to The Daily Mail. There was also, according to the hackers themselves, information belonging to the UAE, Qatar, and Saudi royal families. “We found that our sample data was not properly reviewed before being uploaded to the blog, ” the hackers wrote in an announcement published on Thursday. “Conti guarantees that any information pertaining to members of Saudi Arabia, UAE, and Qatar families will be deleted without any exposure and review.”. “Our Team apologizes to His Royal Highness Prince Mohammed bin Salman and any other members of the Royal Families whose names were mentioned in the publication for any inconvenience, ” the hackers added.

Ransomware Attack on Lab in Florida

www.infosecurity-magazine.com/news/ransomware-attack-on-florida-lab/ A ransomware attack on a laboratory based in Florida has exposed the personal health information (PHI) of more than 30, 000 patients.

Microsoft Warns Of Moving Target’ Password AttacksHere’s How To Stop Them

www.forbes.com/sites/daveywinder/2021/11/07/microsoft-confirms-rising-tide-of-moving-target-password-attacks-heres-how-to-stop-them/ While password spraying isn’t a technique that’s off the consumer radar, it’s an attack vector that DART has seen being ramped up in attacks targeting Microsoft’s business users recently.. What Microsoft explains is who these targets, based on the DART findings, are likely to be. The answer is admins. They could be Exchange or SharePoint admins, a security or helpdesk admin, maybe a user or company admin. The common denominator is the administrator part: Microsoft says it has specifically seen an increase in the number of cloud admin accounts being targeted in this way.

Kova väite: joka kolmas datakeskus heitteillä Suomessa [TILAAJILLE]

www.tivi.fi/uutiset/kova-vaite-joka-kolmas-datakeskus-heitteilla-suomessa/30bdd3b7-933a-4f89-bd34-8dc1f1ccaf39 Monissa datakeskuksissa ei nykyisin tehdä tarkempia selvityksiä laitteiden kunnosta, kunhan mikään varoitusvalo ei pala. Näin väittää Rittal, joka tarjoaa itse myös huoltopalveluita.

Operation Cyclone deals blow to Clop ransomware operation

www.bleepingcomputer.com/news/security/operation-cyclone-deals-blow-to-clop-ransomware-operation/ A thirty-month international law enforcement operation codenamed ‘Operation Cyclone’ targeted the Clop ransomware gang, leading to the previously reported arrests of six members in Ukraine. This Friday, new information came to light regarding how the operation was conducted and the law enforcement agencies involved. The transcontinental operation named ‘Operation Cyclone’ was coordinated from INTERPOL’s Cyber Fusion Centre in Singapore, with assistance from Ukrainian and US law enforcement authorities. The operation was also assisted by private partners, including Trend Micro, CDI, Kaspersky Lab, Palo Alto Networks, Fortinet, and Group-IB.

SolarWinds Investors Allege Board Knew About Cybersecurity Risks Ahead of Massive Breach

gadgets.ndtv.com/internet/news/solarwinds-hack-cyberattack-board-knew-security-risks-investors-allege-2600864 SolarWinds investors have sued the software company’s directors, alleging they knew about and failed to monitor cybersecurity risks to the company ahead of a breach that created a vulnerability in thousands of its customers’ systems.

You might be interested in …

Daily NCSC-FI news followup 2020-07-06

U.K. Set to Start Huawei 5G Phase-Out as Soon as This Year www.bloomberg.com/news/articles/2020-07-05/u-k-prepares-to-start-huawei-5g-phase-out-as-soon-as-this-year Prime Minister Boris Johnson is preparing to begin phasing out the use of Huawei Technologies Co. equipment in the U.K.s 5G telecoms network as soon as this year, a person familiar with the matter said. OVER 1,800 F5 BIG-IP ENDPOINTS VULNERABLE TO […]

Read More

Daily NCSC-FI news followup 2021-08-27

Big bad decryption bug in OpenSSL but no cause for alarm nakedsecurity.sophos.com/2021/08/27/big-bad-decryption-bug-in-openssl-but-no-cause-for-alarm/ The well-known and widely-used encryption library OpenSSL released a security patch earlier this week. OpenSSL, as its name suggests, is mainly used by network software that uses the TLS protocol (transport layer security), formerly known as SSL (secure sockets layer), to protect data […]

Read More

Daily NCSC-FI news followup 2021-01-21

Digitaalinen turvallisuus 2030 -ohjelma kehittää yhteiskunnan kyberhäiriöiden sietokykyä www.huoltovarmuuskeskus.fi/digitaalinen-turvallisuus-2030-ohjelma-kehittaa-yhteiskunnan-kyberhairioiden-sietokykya/ Huoltovarmuuskeskus käynnistää laajan ohjelmakokonaisuuden, jonka tarkoituksena on kehittää yhteiskunnan sietokykyä kyberhäiriöitä vastaan. Digitaalinen turvallisuus 2030 -ohjelman painopisteet ovat kyberhäiriöihin varautuminen, toimintakyky häiriöiden sattuessa, yhteistyö yhteiskunnan ja yritysmaailman eri toimijoiden välillä sekä tulevaisuuden ilmiöiden ennakointi. Ohjelma on osa Suomen kansallisen kyberturvallisuusstrategian toteutusta. Ransomware is now the biggest […]

Read More