Daily NCSC-FI news followup 2021-07-28

2021 Global IoT Trends Report www.newark.com/iot-trends-2021 We reached out to our global customer base with an IoT survey between September 2020 and December 2020. We got 2,095 completed questionnaires, primarily from engineers of IoT solutions, in 60 countries. S.Africa’s Port Terminals Still Disrupted Days After Cyber-Attack www.securityweek.com/safricas-port-terminals-still-disrupted-days-after-cyber-attack The attack has affected ports in Durban — […]

Read More

Daily NCSC-FI news followup 2021-07-27

Microsoft Teams now automatically blocks phishing attempts www.bleepingcomputer.com/news/security/microsoft-teams-now-automatically-blocks-phishing-attempts/ Microsoft has extended Defender for Office 365 Safe Links protection to Microsoft Teams to safeguard users from malicious URL-based phishing attacks.. This added protection couldn’t have come at a better time, seeing that, based on Microsoft’s stats, the Microsoft Teams userbase has exploded over the last 18 […]

Read More

Daily NCSC-FI news followup 2021-07-26

iOS 14.7.1: Apple Issues Urgent iPhone Update With Important Security Fixes www.forbes.com/sites/kateoflahertyuk/2021/07/26/ios-1471-apple-issues-urgent-iphone-update-with-important-security-fixes/ Its only been a week since Apple released iOS 14.7, which itself included critical security fixes, but did not address a vulnerability in iMessage that adversaries could have been taking advantage of to attack iPhones with the Pegasus spyware. Researchers warn of unpatched […]

Read More

Daily NCSC-FI news followup 2021-07-25

Shortcomings With Financial Market Infrastructure Companies Business Continuity And Cybersecurity Plans Need To Be Resolved www.forbes.com/sites/mayrarodriguezvalladares/2021/07/25/shortcomings-with-financial-market-infrastructure-companies-business-continuity-and-cybersecurity-plans-need-to-be-resolved/ [A report released this week] shows that it is doubtful that [financial markets infrastructure companies] business continuity plans (BCPs) are designed to ensure that critical information technology (IT) systems can resume operations within two hours following disruptive events and […]

Read More

Daily NCSC-FI news followup 2021-07-24

Internet Futures www.ofcom.org.uk/__data/assets/pdf_file/0013/222205/internet-futures.pdf This report should not be seen as an exhaustive list of every innovative technology being developed. Indeed, it can be no more than a sample of the high-quality ongoing research work being conducted in industry and academia. Further, the omission or inclusion of any technology shouldnt be taken as a signal of […]

Read More

Daily NCSC-FI news followup 2021-07-23

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure www.microsoft.com/security/blog/2021/07/22/when-coin-miners-evolve-part-1-exposing-lemonduck-and-lemoncat-modern-mining-malware-infrastructure/ Anything that can gain access to machineseven so-called commodity malwarecan bring in more dangerous threats. Weve seen this in banking Trojans serving as entry point for ransomware and hands-on-keyboard attacks. LemonDuck, an actively updated and robust malware thats primarily known […]

Read More

Daily NCSC-FI news followup 2021-07-22

Akamai DNS global outage takes down major websites, online services www.bleepingcomputer.com/news/security/akamai-dns-global-outage-takes-down-major-websites-online-services/ Akamai is investigating an ongoing outage affecting many major websites and online services, including Steam, the PlayStation Network, Newegg, Cloudflare, AWS, Amazon, Google, and Salesforce. Root cause – Akamai Edge DNS was down: edgedns.status.akamai.com/incidents/n5zl6dythvfv Researchers Hid Malware Inside an AI’s ‘Neurons’ And It Worked […]

Read More

Daily NCSC-FI news followup 2021-07-21

Virtuaalivaluuttoihin liittyviä rahanpesuilmoituksia alkuvuonna yli 3, 4 miljoonaa kappaletta, kertoo KRP www.is.fi/digitoday/tietoturva/art-2000008140592.html Selvittelykeskus kirjasi kesäkuun loppuun mennessä rahanpesurekisteriin ennätykselliset yli 3466000 epäilyttävää liiketoimea tai epäiltyä terrorismin rahoittamista koskevaa ilmoitusta. Näistä noin 26600 tuli muilta kuin virtuaalivaluuttapalveluihin liittyviltä tahoilta. Suomi ja Singapore 6g-yhteistyöhön “Voimme saavuttaa molemminpuolista etua” www.tivi.fi/uutiset/tv/45e16ffc-1ba1-411e-87be-edbcd797803f Oulun yliopiston koordinoima 6g-teknologian tutkimus- ja kehitysohjelma 6g […]

Read More

Daily NCSC-FI news followup 2021-07-20

Windows printer driver for HP/Samsung/Xerox vulnerable to local privilege escalation – millions of printers affected labs.sentinelone.com/cve-2021-3438-16-years-in-hiding-millions-of-printers-worldwide-vulnerable/ SentinelLabs has discovered a high severity Windows local privilege escalation flaw in HP, Samsung, and Xerox printer drivers. Since 2005 HP, Samsung, and Xerox have released millions of printers worldwide with the vulnerable driver. New Windows 10 vulnerability allows […]

Read More

Daily NCSC-FI news followup 2021-07-19

Kiina: ulkoasiainedustajan Euroopan unionin puolesta antama julkilausuma, jossa Kiinan viranomaisia kehotetaan ryhtymään toimiin Kiinan alueelta käsin toteutettuja haitallisia kybertoimia vastaan www.consilium.europa.eu/fi/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-… EU ja sen jäsenmaat paljastavat tänään yhdessä kumppaneidensa kanssa haitallisia kybertoimia, joilla on ollut merkittävä vaikutus talouteen, turvallisuuteen, demokratiaan ja koko yhteiskuntaan. EU ja sen jäsenmaat arvioivat, että nämä haitalliset kybertoimet on toteutettu Kiinan […]

Read More