Daily NCSC-FI news followup 2022-01-25

Canada confirms cyber-attack on foreign affairs ministry therecord.media/canada-confirms-cyber-attack-on-foreign-affairs-ministry/ The Canadian government confirmed late last night that its foreign affairs ministry, Global Affairs Canada, was the victim of a cyber-attack, and it’s still dealing with its after-effects. “Kyberpartisaanit” iskivät Venäjän joukkojen­kuljetuksia vastaan www.is.fi/digitoday/tietoturva/art-2000008564395.html Valkovenäläinen hakkeriryhmä vaatii poliittisten vankien vapauttamista ja venäläisiä joukkoja pois Valko-Venäjältä. DHS warns […]

Read More

Daily NCSC-FI news followup 2022-01-24

Palvelunestohyökkäys kaatoi koko valtion internetyhteydet www.tivi.fi/uutiset/tv/75eb3a21-8111-480d-a4ce-bd33e7ca6ddd Espanjan ja Ranskan rajalla sijaitsevan kääpiövaltio Andorran internetyhteydet menivät käytännössä kokonaan poikki palvelunestohyökkäysten takia. Asiasta uutisoivan Tom’s Hardwaren mukaan hyökkäykset kohdistuivat maan ainoaan teleoperaattoriin Andorra Telecomiin. Venäjä-arvio Ruotsista: “Viimeisin kyberhyökkäys vain vahvistaa kuvaa valmistautumisesta laajamittaiseen aggressioon” www.tivi.fi/uutiset/tv/ad226232-8278-412b-8968-a671c8f4f6a3 Kansainvälisen politiikan asiantuntija, Ruotsin entinen pää- ja ulkoministeri Carl Bildt pitää Ukrainan […]

Read More

Daily NCSC-FI news followup 2022-01-23

Dutch cybersecurity agency warns of lingering Log4j risks www.bleepingcomputer.com/news/security/dutch-cybersecurity-agency-warns-of-lingering-log4j-risks/ In a warning issued on Thursday, the Dutch National Cybersecurity Centre (NCSC) says organizations should still be aware of risks connected to Log4j attacks and remain vigilant for ongoing threats. Even though the aftermath of recent incidents connected to Log4Shell exploitation was “not too bad” because […]

Read More

Daily NCSC-FI news followup 2022-01-22

Cyber threat bulletin: Cyber Centre urges Canadian critical infrastructure operators to raise awareness and take mitigations against known Russian-backed cyber threat activity cyber.gc.ca/en/guidance/cyber-threat-bulletin-cyber-centre-urges-canadian-critical-infrastructure-operators-raise The Canadian Centre for Cyber Security encourages the Canadian cybersecurity communityespecially critical infrastructure network defendersto bolster their awareness of and protection against Russian state-sponsored cyber threats. The Cyber Centre joins our partners […]

Read More

Daily NCSC-FI news followup 2022-01-21

Haittaohjelma lietsoo pelkoa ei lähde edes Windowsin uudelleenasennuksella www.tivi.fi/uutiset/tv/521b1ca1-ab6f-4b27-8cbf-d0ec229cd3ca MoonBounce-niminen haittaohjelma on tehty toimimaan tietokoneen uefi-laiteohjelmistossa, joka vastaa tietokoneen käynnistämisestä. Haittaohjelma asentuu emolevyn flash-muistiin tietokoneen kovalevyn sijaan. Siksi käyttöjärjestelmän uudelleenasennus tai kovalevyn vaihto eivät poista haittaohjelmaa. Suomen kyberturvallisuudelle tärkeä nettikaapeli piti vetää merenpohjaan, mutta yhtäkkiä Venäjä vetäytyi hankkeesta mitä oikein tapahtui? yle.fi/uutiset/3-12268002?origin=rss Valtionyhtiö Cinia kiertää […]

Read More

Daily NCSC-FI news followup 2022-01-20

Sophisticated cyber-attack targets Red Cross Red Crescent data on 500, 000 people www.icrc.org/en/document/sophisticated-cyber-attack-targets-red-cross-red-crescent-data-500000-people The attack compromised personal data and confidential information on more than 515, 000 highly vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention. Lisäksi: www.bleepingcomputer.com/news/security/red-cross-cyberattack-exposes-data-of-515-000-people-seeking-missing-family/. Lisäksi: www.mtvuutiset.fi/artikkeli/kansainvalinen-punainen-risti-massiivisen-kyberhyokkayksen-kohteena-humanitaarinen-informaatio-on-vaarantunut/8336394 Open […]

Read More

Daily NCSC-FI news followup 2022-01-19

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats www.cisa.gov/uscert/ncas/current-activity/2022/01/18/cisa-urges-organizations-implement-immediate-cybersecurity In response to recent malicious cyber incidents in Ukraineincluding the defacement of government websites and the presence of potentially destructive malware on Ukrainian systemsCISA has published CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats. The CISA Insights […]

Read More

Daily NCSC-FI news followup 2022-01-18

Zooming in on Zero-click Exploits googleprojectzero.blogspot.com/2022/01/zooming-in-on-zero-click-exploits.html Zoom is a video conferencing platform that has gained popularity throughout the pandemic. Unlike other video conferencing systems that I have investigated, where one user initiates a call that other users must immediately accept or reject, Zoom calls are typically scheduled in advance and joined via an email invitation. […]

Read More

Daily NCSC-FI news followup 2022-01-17

Check Point Research issues Q4 Brand Phishing Report, highlighting the leading brands that hackers imitated in attempts to lure people into giving up personal data blog.checkpoint.com/2022/01/17/dhl-replaces-microsoft-as-most-imitated-brand-in-phishing-attempts-in-q4-2021/ Our latest Brand Phishing Report for Q4 2021 highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals personal information or payment credentials […]

Read More

Daily NCSC-FI news followup 2022-01-16

Destructive malware targeting Ukrainian organizations www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/ Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and surrounding region and encourages organizations to use […]

Read More