Daily NCSC-FI news followup 2021-02-14

Egregor ransomware operators arrested in Ukraine www.zdnet.com/article/egregor-ransomware-operators-arrested-in-ukraine/ Arrested suspects are believed to be clients of the Egregor RaaS, not the Egregor gang itself.. Members of the Egregor ransomware cartel have been arrested this week in Ukraine, French radio station France Inter reported on Friday, citing law enforcement sources. Pro-India hackers use Android spyware to spy […]

Read More

Daily NCSC-FI news followup 2021-02-13

Who is to blame for the malicious Barcode Scanner that got on the Google Play store? blog.malwarebytes.com/android/2021/02/who-is-to-blame-for-the-malicious-barcode-scanner-that-got-on-the-google-play-store/ In our last blog, Barcode Scanner app on Google Play infects 10 million users with one update, we wrote about a barcode scanner found on the Google Play store that was infected with Android/Trojan.HiddenAds.AdQR.. All initial signs led […]

Read More

Daily NCSC-FI news followup 2021-02-12

Tori.fissä kaksi kieroa huijausta varo tällaisia yhteydenottoja www.is.fi/digitoday/tietoturva/art-2000007799557.html Meneillään on kaksi erilaista huijauskampanjaa. Tori.fi antaa kolme turvavinkkiä. After hackers blackmailed their clients, Finnish therapy firm declares bankruptcy hotforsecurity.bitdefender.com/blog/after-hackers-blackmailed-their-clients-finnish-therapy-firm-declares-bankruptcy-25313.html Vastaamo, the Finnish psychotherapy practice that covered up a horrific security breach which resulted in patients receiving blackmail threats, has declared itself bankrupt.. According to data collected […]

Read More

Daily NCSC-FI news followup 2021-02-11

Vastaamon palvelimen portti 3306 oli auki nettiin 1, 5 vuotta ja kiristys alkoi jo 2018 julkisuuskatastrofia viivytettiin viimeiseen asti www.is.fi/digitoday/tietoturva/art-2000007794906.html Vastaamon ensimmäisessä kiristysyrityksessä on saattanut olla kyse “roiskaisusta”, jossa tietomurtaja ei tiennyt, mitä hänellä oli käsissään. Vastaamon asiakastietokannan varastaminen johtui palvelimelle auki jätetystä tietoliikenneportista, joka oli auki 1, 5 vuoden ajan. Lookout Discovers Novel Confucius […]

Read More

Daily NCSC-FI news followup 2021-02-10

Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7 www.zdnet.com/article/following-oldsmar-attack-fbi-warns-about-using-teamviewer-and-windows-7/ An FBI alert sent on Tuesday warns companies about the use of out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer. French MNH health insurance company hit by RansomExx ransomware www.bleepingcomputer.com/news/security/french-mnh-health-insurance-company-hit-by-ransomexx-ransomware/ French health insurance company Mutuelle Nationale des Hospitaliers (MNH) […]

Read More

Daily NCSC-FI news followup 2021-02-09

Hackers tried poisoning town after breaching its water facility www.bleepingcomputer.com/news/security/hackers-tried-poisoning-town-after-breaching-its-water-facility/ A hacker gained access to the water treatment system for the city of Oldsmar, Florida, and attempted to increase the concentration of sodium hydroxide (NaOH), also known as lye and caustic soda, to extremely dangerous levels. Recommendations Following the Oldsmar Water Treatment Facility Cyber Attack […]

Read More

Daily NCSC-FI news followup 2021-02-08

Can The FBI Hack Into Private Signal Messages On A Locked iPhone? Evidence Indicates Yes www.forbes.com/sites/thomasbrewster/2021/02/08/can-the-fbi-can-hack-into-private-signal-messages-on-a-locked-iphone-evidence-indicates-yes/ The FBI appears to have a tool that can access Signal messages, even if a device is locked. WestRock Ransomware Attack Hinders Packaging Production threatpost.com/westrock-ransomware-attack/163717/ The ransomware attack, affecting OT systems, resulted in some of WestRock’s facilities lagging in […]

Read More

Daily NCSC-FI news followup 2021-02-07

Hacked by SolarWinds backdoor masterminds, Mimecast now lays off staff after profit surge www.theregister.com/2021/02/07/in_brief_security/ Plus: British Mensa in data leak blunder, DARPA are Star Wars fans, Sonicwall patch out, and more. Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its […]

Read More

Daily NCSC-FI news followup 2021-02-06

Google fixes Chrome zero-day actively exploited in the wild www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users. Eletrobras, Copel energy companies hit by ransomware attacks www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/ Centrais Eletricas Brasileiras (Eletrobras) and Companhia […]

Read More

Daily NCSC-FI news followup 2021-02-04

Cybersecurity firm Stormshield hacked. Data (including source code) stolen grahamcluley.com/cybersecurity-firm-stormshield-hacked-data-including-source-code-stolen/ French cybersecurity firm Stormshield has revealed that it has suffered a security breach, and hackers have accessed sensitive information. The company, which is a major provider to the French government, says that a hacker managed to steal data after gaining access to a portal used […]

Read More