Daily NCSC-FI news followup 2020-02-25

Mobile malware evolution 2019 securelist.com/mobile-malware-evolution-2019/96280/ Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT www.fireeye.com/blog/threat-research/2020/02/ransomware-against-machine-learning-to-disrupt-industrial-production.html Firefox enables DNS-over-HTTPS by default (with Cloudflare) for all U.S. users thehackernews.com/2020/02/firefox-dns-over-https.html Install Latest Chrome Update to Patch 0-Day Bug Under Active Attacks thehackernews.com/2020/02/google-chrome-zero-day.html New OpenSMTPD RCE Flaw Affects Linux and OpenBSD […]

Read More

Daily NCSC-FI news followup 2020-02-24

Operation DRBControl www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-drbcontrol-uncovering-a-cyberespionage-campaign-targeting-gambling-companies-in-southeast-asia Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia. The DRBControl campaign attacks its targets using a variety of malware and techniques that coincide with those used in other known cyberespionage campaigns. EU Commission to staff: Switch to Signal messaging app www.politico.eu/pro/eu-commission-to-staff-switch-to-signal-messaging-app/ The European Commission has told its staff to start […]

Read More

Daily NCSC-FI news followup 2020-02-23

U.S. Defense Agency That Secures Trumps Communications Confirms Data Breach www.forbes.com/sites/daveywinder/2020/02/21/us-defense-agency-that-secures-trumps-communications-confirms-data-breach/ The Department of Defense agency responsible for securing the communications of President Trump has suffered a data breach. Heres what is known so far. Governments of the world just ramped up spying on reporters www.cjr.org/first_person/ft-nations-surveillance-attacks.php Transparent Tribe: Four Years Later blog.yoroi.company/research/transparent-tribe-four-years-later/ Operation Transparent Tribe […]

Read More

Daily NCSC-FI news followup 2020-02-22

Slickwraps Data Breach Exposes Financial and Customer Info www.bleepingcomputer.com/news/security/slickwraps-data-breach-exposes-financial-and-customer-info/ Slickwraps has suffered a data breach after a security researcher was able to access their systems and after receiving no response to emails, publicly disclosed how they gained access to the site and the data that was exposed.. Slickwraps is a mobile device case retailer who […]

Read More

Daily NCSC-FI news followup 2020-02-20

U.S. agency responsible for Trump’s secure communication suffered data breach: letter www.reuters.com/article/us-usa-defense-breach/u-s-agency-responsible-for-trumps-secure-communication-suffered-data-breach-letter-idUSKBN20E27A The letter, dated Feb. 11, 2020, says that between May and July 2019, personal data may have been compromised in a data breach on a system hosted by the Defense Information Systems Agency.. The agency says it provides direct telecommunications and IT support […]

Read More

Daily NCSC-FI news followup 2020-02-19

ISS: Security incident impacting parts of the IT environment www.fi.issworld.com/ On 17 February 2020, ISS was the target of a malware attack. As a precautionary measure and as part of our standard operating procedure, we immediately disabled access to shared IT services across our sites and countries, which ensured the isolation of the incident. Dharma […]

Read More

Daily NCSC-FI news followup 2020-02-18

Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin threatpost.com/active-exploits-hit-vulnerable-wordpress-themegrill-plugin/152947/ Researchers are urging users of a vulnerable WordPress plugin, ThemeGrill Demo Importer, to update as soon as possible after discovering attackers are actively exploiting a flaw in the plugin. Ole organisaatiosi tietoturvan vahvin lenkki myös matkustaessasi ek.fi/ajankohtaista/uutiset/2020/02/18/ole-organisaatiosi-tietoturvan-vahvin-lenkki-myos-matkustaessasi/ Matkustaessa korostuvat mahdollisuus henkilötiedusteluun, eli ihmisiltä tehtävään tiedonhankintaan, sekä riski […]

Read More

Daily NCSC-FI news followup 2020-02-17

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world www.zdnet.com/article/iranian-hackers-have-been-hacking-vpn-servers-to-plant-backdoors-in-companies-around-the-world/ Iranian hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies.. Source: www.clearskysec.com/fox-kitten/ Austria: Cyber attack on the Foreign Ministry is over www.bmeia.gv.at/en/the-ministry/press/announcements/2020/02/cyber-attack-on-the-foreign-ministry-is-over/ After really intensive work and excellent cooperation between all […]

Read More

Daily NCSC-FI news followup 2020-02-16

Rikolliset huijasivat 2,6 miljoonaa Puerto Ricon hallitukselta www.tivi.fi/uutiset/tv/be9c0d32-bac0-42b0-ae4d-2ea0bca660cc Puerto Ricossa on paljastunut tapaus, jossa hakkerit ovat onnistuneet saamaan omalle tililleen peräti 2,6 miljoonaa paikallisen hallinnon rahoja. Tarkkaa huijauskeinoa ei ole paljastettu, mutta Softpedian mukaan hakkerit onnistuivat jollakin konstilla vaihtamaan yhden tilinumeron, ja sitä kautta rahat valuivat vääriin käsiin. Israelilaissotilaita houkuteltiin naisten avulla – seksikuvien sijasta […]

Read More

Daily NCSC-FI news followup 2020-02-15

Edes puhelimen nollaus ei auta näin toimii häijy haittaohjelma www.is.fi/digitoday/tietoturva/art-2000006407633.html Erittäin sitkeä xHelper-haittaohjelma on ihmetyttänyt tietoturvatutkijoita kuukausien ajan, mutta nyt sen salaisuudet ovat vihdoin selvinneet ainakin osittain. Unknown number of Bluetooth LE devices impacted by SweynTooth vulnerabilities www.zdnet.com/article/unknown-number-of-bluetooth-le-devices-impacted-by-sweyntooth-vulnerabilities/ BLE software kits from six chipset vendors impacted. More vendor names to be revealed soon. Suomalaisille soitettu […]

Read More