Cyber security news December 2019

This posting is here to collect cyber security news in December 2019.

I post links to security vulnerability news in the comments of this article.

If you are interested in cyber security trends, read my Cyber security trends 2019 posting.

You are also free to post related links.

 

 

197 Comments

  1. Tomi Engdahl says:

    Scientists in Scotland help develop world’s first encryption system that is ‘unbreakable’ by hackers
    https://www.independent.co.uk/news/uk/home-news/quantum-computing-hackers-unbreakable-encryption-communications-a9256401.html

    New chip stores data as light which is then scrambled differently every single time information is sent onwards

    The world’s first uncrackable security system has been developed by researchers in Scotland, it has been claimed.

    Computer scientists have long feared the arrival of quantum computing would allow encrypted data to be easily decoded by hackers.

    But a global team, including scientists from the University of St Andrews, say they have achieved “perfect secrecy” by creating a chip which effectively generates a one-time-only key every time data is sent through it.

    It works by storing digital information as light which is then passed through a specially engineered silicon chip containing structures which bend and refract that light, scrambling the information.

    Crucially, this bending and refracting is different every time depending on the specific data being sent.

    Reply
  2. Tomi Engdahl says:

    The search engine that cryptographically protects your privacy
    https://private.sh/

    Reply
  3. Tomi Engdahl says:

    Three members of a cybercrime group that used the GozNym banking Trojan to steal millions from U.S. businesses were sentenced today in parallel and multi-national prosecutions in Pittsburgh and Tbilisi, Georgia.

    The GozNym group members were charged for stealing “an estimated $100 million from more than 41 000 victims, primarily businesses and their financial institutions” according to a Europol [press release](http://www.eurojust.europa.eu/press/PressReleases/Pages/2019/2019-05-16.aspx) from May.

    [https://www.bleepingcomputer.com/news/security/goznym-gang-members-behind-100-million-damages-sentenced/](https://www.bleepingcomputer.com/news/security/goznym-gang-members-behind-100-million-damages-sentenced/)

    Reply
  4. Tomi Engdahl says:

    Russia Plans To Cut Off Some Internet Access Today
    from the how-about-that dept.
    https://m.slashdot.org/story/365018

    Russia has temporarily shut off many of its citizens’ access to the global internet today in a test of its controversial RuNet program, according to an internal government document.

    RuNet aims to boost the government’s ability to better control internal digital traffic, launch cyber and information attacks against other nations, and track and censor dissidents. The test will evaluate “the possibility of intercepting subscriber traffic and revealing information about the subscriber, blocking communication services,”

    https://www.defenseone.com/technology/2019/12/russia-plans-cut-some-internet-access-next-week/162028/

    The Dec. 23 test aims to evaluate a system meant to control traffic, veil hackers, and quash dissent

    Reply
  5. Tomi Engdahl says:

    No, Spotify, You Shouldn’t Have Sent Mysterious USB Drives To Journalists
    https://m.slashdot.org/story/365028

    Reply
  6. Tomi Engdahl says:

    Chinese state-sponsored group APT20 has been busy hacking government entities and managed service providers.

    Chinese hacker group caught bypassing 2FA
    https://www.zdnet.com/article/chinese-hacker-group-caught-bypassing-2fa/

    Security researchers say they found evidence that a Chinese government-linked hacking group has been bypassing two-factor authentication (2FA) in a recent wave of attacks.

    The group’s primary targets were government entities and managed service providers (MSPs). The government entities and MSPs were active in fields like aviation, healthcare, finance, insurance, energy, and even something as niche as gambling and physical locks.

    According to researchers, the hackers used web servers as the initial point of entry into a target’s systems, with a particular focus on JBoss, an enterprise application platform often found in large corporate and government networks.

    While on the inside, Fox-IT said the group dumped passwords and looked for administrator accounts, in order to maximize their access. A primary concern was obtaining VPN credentials

    using legitimate tools that were already installed on hacked devices, rather than downloading their own custom-built malware

    Fox-IT analysts said they found evidence the hackers connected to VPN accounts protected by 2FA.

    How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid one-time codes and bypass 2FA at will.

    to make use of the 2 factor authentication codes is to steal an RSA SecurID Software Token and to patch 1 instruction, which results in the generation of valid tokens.

    Reply
  7. Tomi Engdahl says:

    Mastercard acquires security assessment startup, RiskRecon
    https://tcrn.ch/2SmWfrg

    Mastercard announced today that it is acquiring RiskRecon, a Salt Lake City startup that uses publicly available data to build security assessments of organizations. The companies did not share the purchase price.

    It has become increasingly important for financial services companies like Mastercard to help customers navigate cybersecurity, and RiskRecon will give customers an objective score of a company’s risk profile.

    Reply
  8. Tomi Engdahl says:

    Just a holiday reminder: don’t forget to change the default user and password on any IoT devices family members get at Christmas.

    Reply
  9. Tomi Engdahl says:

    Colleges are turning students’ phones into surveillance machines, tracking the locations of hundreds of thousands
    https://www.washingtonpost.com/technology/2019/12/24/colleges-are-turning-students-phones-into-surveillance-machines-tracking-locations-hundreds-thousands/

    When Syracuse University freshmen walk into professor Jeff Rubin’s Introduction to Information Technologies class, seven small Bluetooth beacons hidden around the Grant Auditorium lecture hall connect with an app on their smartphones and boost their “attendance points.”

    And when they skip class? The SpotterEDU app sees that, too, logging their absence into a campus database that tracks them over time and can sink their grade. It also alerts Rubin, who later contacts students to ask where they’ve been. His 340-person lecture has never been so full.

    “They want those points,” he said. “They know I’m watching and acting on it. So, behaviorally, they change.”

    6,000 location data points. Per student. Per day.

    Maybe if your lecture needs to compel attendance the content isn’t worthwhile on its own merit.

    And what about the kids that don’t have phones? I know, who am I kidding.

    Is this practice for putting BT sensors in employer’s bathrooms and break rooms so they can determine if you’re not at your desk enough?

    My initial reaction is to tape a phone under the desk in such a classroom and remotely enable the BT on/off.

    Reply
  10. Tomi Engdahl says:

    This critical Citrix NetScaler bug could affect 80,000 companies
    IT admins managing Citrix systems could have a headache.
    https://www.zdnet.com/article/this-critical-citrix-netscaler-bug-could-affect-80000-companies/

    Reply
  11. Tomi Engdahl says:

    “Security researchers at Proofpoint have uncovered a widespread campaign using Miss Thunberg’s name to trick users into downloading the notorious Emotet malware botnet.”

    Greta Thunberg malware is not the present you want this Christmas
    https://www.google.com/amp/s/www.techradar.com/amp/news/greta-thunberg-malware-is-not-the-present-you-want-this-christmas

    Hackers targeting students with Greta Thunberg themed email attacks

    Reply
  12. Tomi Engdahl says:

    BBC: Russia says it has successfully tested the country’s internal data network
    https://yle.fi/uutiset/3-11134396

    Reply
  13. Tomi Engdahl says:

    Hacker tried to blackmail Apple; threatened to delete 319M iCloud accounts
    https://9to5mac.com/2019/12/23/blackmail-apple/

    A 22-year-old Londoner has been convicted of attempting to blackmail Apple out of $100,000 worth of iTunes cards after falsely claiming he had access to 319 million iCloud accounts.

    He variously threatened to sell access to the account details, and to reset all the accounts…

    Apple said there was no evidence that Albayrak or the TCF had compromised any accounts, and the NCA confirmed

    “Albayrak wrongly believed he could escape justice after hacking in to two accounts and attempting to blackmail a large multinational corporation.

    During the investigation, it became clear that he was seeking fame and fortune. But cybercrime doesn’t pay.”

    Reply
  14. Tomi Engdahl says:

    Not so IDLE hands: FBI program offers companies data protection via deception
    Newly surfaced doc outlines FBI’s IDLE program—which teases thieves with “decoy data.”
    https://arstechnica.com/information-technology/2019/12/not-so-idle-hands-fbi-program-offers-companies-data-protection-via-deception/

    program, called IDLE (Illicit Data Loss Exploitation), does this by creating “decoy data that is used to confuse illicit… collection and end use of stolen data.”

    FBI hopes will derail all types of attackers, particularly advanced threats from outside and inside the network.

    In a discussion about the FBI’s overall philosophy on fighting cybercrime, Chu told Ars that the FBI is “taking more of a holistic approach” these days. Instead of reacting to specific events or criminal actors, he said, “we’re looking at cyber crime from a key services aspect”—aka, what are the things that cybercriminals target?—“and how that affects the entire cyber criminal ecosystem. What are the centers of gravity, what are the key services that play into that?”

    In the past, the FBI got involved only when a crime was reported. But today, the new approach means playing more of a consultative role to prevent cybercrime

    at FBI Headquarters, there’s a quote there. ‘The most effective weapon against crime is cooperation, the efforts of all law enforcement and the support and understanding of the American people.’ That can not be more true today

    Some information sharing takes the form of collaboration with industry information sharing and analysis centers (ISACs) and “Flash” and “Private Industry Notice” (PIN) alerts on cybercrime issues.

    The concept of using “deception platforms” is one that launched a dozen or so security startups a few years ago, but deception has played a significant role in physical security and military conflict going back at least as far as the (possibly fictional) Trojan Horse. The idea of “honeypots” is intended to draw attackers for the purpose of collecting threat intelligence, and that’s just one well-known example of defensive deception. More complicated deceptive platforms might create entire fake client and server infrastructures (virtual or physical) that attempt to fool attackers into going down dead-ends in the search for sensitive data—giving defenders time to track such attackers and kick them out.

    The goal is to give companies a greater chance of spotting attackers before they are able to get anything of value.

    So rather than being a “honeypot” put in place to attract hackers for threat intelligence purposes, IDLE data is intended to baffle an attacker by obfuscating real data. It’s an attempt to make the illicit use of stolen data much more difficult, or as another official described it, IDLE’s approach is like putting bogus pieces in a jigsaw puzzle. The goal is to confuse attackers about how everything fits together.

    While the program is not classified, FBI officials would not speak in depth about IDLE because of its sensitivity

    How effective IDLE’s approach is to deterring attackers on its own is questionable, Rendition Infosec founder and former National Security Agency operator Jake Williams told Ars. “I’m not sure how much more costly it makes things for Intruders,” he said. “Without increased visibility into the network, it won’t really do much.”

    IDLE data’s worth to the FBI, however, seems clear. IDLE data is “highlighted” in a number of ways, largely analogous to the types of detection done by commercial data loss prevention systems and other security products. The companies that deploy IDLE can monitor access to the dummy files

    Reply
  15. Tomi Engdahl says:

    Cyberattack on Twitter targeted Epilepsy Foundation with strobing images
    Attackers apparently tried to trigger seizures in followers of the account who have the condition.
    https://www.cnet.com/news/cyberattack-on-twitter-targeted-epilepsy-foundation-with-strobing-images/

    Attackers sent videos of flashing strobe lights to thousands of followers of the Epilepsy Foundation’s Twitter account last month in an apparent attempt to trigger seizures in those with the condition, the foundation said Monday. The attacks, which used the foundation’s Twitter handle and hashtags to get the videos in front of the account’s followers, occurred during National Epilepsy Awareness Month, when more people would be likely checking the feed.

    “These attacks are no different than a person carrying a strobe light into a convention of people with epilepsy and seizures, with the intention of inducing seizures and thereby causing significant harm to the participants,”

    Reply
  16. Tomi Engdahl says:

    On Monday, Russia completed a series of tests designed to make sure that its internet services could still work when isolated from the world wide web.

    Russia Cuts Off Its Internet, With Mixed Results
    http://on.forbes.com/61891Xhac

    Russia yesterday completed a series of tests designed to make sure that its internet services could still work when isolated from the worldwide web.

    The tests, said to involve state-run institutions and security services, as well as all communications operators, message services and email providers, effectively turned Russia’s internet, RuNet, into the largest intranet in the world.

    Four federal telecom operators took part, with 18 attack scenarios: 12 involving signaling networks of the SS7 phone networking protocol and six the signaling networks of the Diameter protocol, one of the main protocols in 4G networks.

    “It turned out that, in general, both the authorities and telecom operators are ready to effectively respond to possible risks and threats and ensure the functioning of the internet and the unified telecommunication network in Russia,” Alexey Sokolov, deputy head of the Ministry of Digital Development, Communications and Mass Communications, told Pravda.

    Reply
  17. Tomi Engdahl says:

    Popular chat app ToTok is actually a spying tool of UAE government – report
    Government reportedly uses ToTok to track conversations, locations and other data of those who install the app
    Associated Press
    https://www.theguardian.com/world/2019/dec/23/totok-popular-chat-app-spying-tool-uae-government?CMP=share_btn_fb

    A chat app that quickly became popular in the United Arab Emirates for communicating with friends and family is actually a spying tool used by the government to track its users, according to a New York Times report.

    The government uses ToTok to track conversations, locations, images and other data of those who install the app on their phones, the Times reported

    https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html?searchResultPosition=1&login=smartlock&auth=login-smartlock&login=smartlock&auth=login-smartlock

    Reply
  18. Tomi Engdahl says:

    Trump still has to sign for this to become law. It would require US telephone providers to implement the SHAKEN/STIR protocol within 18 months, to stop caller ID spoofing and robocalls.

    Congress approves the TRACED Act to fight robocalls
    https://www.engadget.com/2019/12/19/congress-traced-act-robocall-legislation/

    The legislation could help find and prosecute robocallers.

    Today, Senate approved the TRACED Act, or Telephone Robocall Abuse Criminal Enforcement Act. The legislation could give the government new powers to prosecute robocallers, The Washington Post says. It would also require carriers that authenticate and block spam callers to share those services with customers for free.

    Reply
  19. Tomi Engdahl says:

    Cryptocurrency-mining botnet uses a Taylor Swift image to hide malware payloads
    https://www.zdnet.com/article/cryptocurrency-mining-botnet-uses-a-taylor-swift-image-to-hide-malware-payloads/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=facebook

    MyKingz (Smominru) botnet hides the malware it deploys on infected hosts inside a JPEG of Taylor Swift.

    The name of the botnet is MyKingz, also known as Smominru, DarkCloud, or Hexmen, depending on the cyber-security firm whose report you’re reading.

    MyKingz was first spotted in late 2017. Since then, the botnet has been the largest crypto-mining malware operation on the market.

    Reply
  20. Tomi Engdahl says:

    Hackers keep dumping Ring credentials online ‘for the giggles’
    Three caches of Ring user credentials have surfaced this week.
    https://www.zdnet.com/article/hackers-keep-dumping-ring-credentials-online-for-the-giggles/

    Reply
  21. Tomi Engdahl says:

    Prison camera hacked, streamed live on YouTube
    https://www.fox5ny.com/news/prison-camera-hacked-streamed-live-on-youtube

    BANGKOK – Authorities in Thailand say they are investigating an apparent online break-in by a computer hacker that allowed him to broadcast surveillance video from inside a prison in the country’s south.

    Many surveillance cameras, along with other gadgets, are linked online in what has become known as the Internet of Things, or IoT. Security for such items is often neglected by their users, allowing access by unauthorized parties.

    Reply
  22. Tomi Engdahl says:

    Threat modeling packages on the npm ecosystem. Can an [event-stream incident](https://snyk.io/blog/a-post-mortem-of-the-malicious-event-stream-backdoor/) happen again? How about other supply chain attacks? What will be the next vector of attack that we haven’t seen yet and might it be entirely preventable?

    Why npm lockfiles can be a security blindspot for injecting malicious modules
    https://snyk.io/blog/why-npm-lockfiles-can-be-a-security-blindspot-for-injecting-malicious-modules/

    Reply
  23. Tomi Engdahl says:

    This one hurt badly – notorious malware took down one of the world’s most important financial cities
    https://www.tivi.fi/uutiset/nyt-napsahti-kipeasti-pahamaineinen-haittaohjelma-kaatoi-yhden-maailman-tarkeimmista-talouskaupungeista/ccb01fc3-93e0-4e7c-870d-9ca93c65871b

    The highly notorious Emotet malware managed to infect the City of Frankfurt’s IT systems. Because of the attack, Frankfurt had to take itself off the net.

    To keep Emotet from spreading onward from Frankfurt, or before it could let in something even worse, the city, advised by Germany’s cyber security agency BSI, pulled the emergency brake and shut down its own systems itself so that it could scrub them thoroughly.

    Frankfurt shuts down IT network following Emotet infection
    https://www.zdnet.com/article/frankfurt-shuts-down-it-network-following-emotet-infection/

    Frankfurt city officials take down IT network to prevent Emotet from being used as a staging point to launch a ransomware attack.

    Frankfurt, one of the largest financial hubs in the world and the home of the European Central Bank, has shut down its IT network this week following an infection with the Emotet malware.

    Frankfurt is the fourth German entity that shut down its IT network in the past two weeks because of Emotet.

    The other three are
    (1) the Justus Liebig University (JLU) in Gießen
    (2) Bad Homburg, another city north of Frankfurt
    (3) the Catholic University in Freiburg

    Reply
  24. Tomi Engdahl says:

    Facebook is so deep in our ass that you can think something and you’ll start getting ads for it

    Reply
  25. Tomi Engdahl says:

    How ICE Uses Social Media to Surveil and Arrest Immigrants
    https://theintercept.com/2019/12/22/ice-social-media-surveillance/

    EMAILS SENT BY Immigration and Customs Enforcement officials expose how ICE used social media and information gleaned by for-profit data brokers to track down and arrest an immigrant in Southern California. In the emails, which were disclosed in federal court filings, officials discussed the relationship status of the person, noting that he was “broken hearted,” according to Facebook posts, and confirmed his identity through pictures posted at his father’s birthday party.

    ICE ultimately arrested the person after he “checked in” to a Home Depot on Facebook.

    Reply
  26. Tomi Engdahl says:

    Microsoft Seizes Web Domains Used by North Korean Hackers
    https://www.securityweek.com/microsoft-seizes-web-domains-used-north-korean-hackers

    The US technology giant said a federal court allowed it to take control of 50 domains operated by a group dubbed Thallium, which tricked online users by fraudulently using Microsoft brands and trademarks.

    Reply
  27. Tomi Engdahl says:

    UN Backs Russia on Internet Convention, Alarming Rights Advocates
    https://www.securityweek.com/un-backs-russia-internet-convention-alarming-rights-advocates

    The United Nations on Friday approved a Russian-led bid that aims to create a new convention on cybercrime, alarming rights groups and Western powers that fear a bid to restrict online freedom.

    The General Assembly approved the resolution sponsored by Russia and backed by China, which would set up a committee of international experts in 2020.

    The panel will work to set up “a comprehensive international convention on countering the use of information and communications technologies for criminal purposes,” the resolution said.

    The United States, European powers and rights groups fear that the language is code for legitimizing crackdowns on expression, with numerous countries defining criticism of the government as “criminal.”

    Reply
  28. Tomi Engdahl says:

    Cyber Attack Forces Airline to Cancel Flights in Alaska
    https://www.securityweek.com/cyber-attack-forces-airline-cancel-flights-alaska

    RavnAir canceled at least a half-dozen flights in Alaska on Saturday — at the peak of holiday travel — following what the company described as “a malicious cyber attack” on its computer network.

    The cancellations affected around 260 passengers, according to company spokeswoman Debbie Reinwand.

    The regional carrier canceled all flights involving its Dash 8 aircraft until noon “because the cyber attack forced us to disconnect our Dash 8 maintenance system and its back-up,”

    Reply
  29. Tomi Engdahl says:

    Yahoo News:
    Overview of the ongoing efforts by the US to modernize its spy operations, to contain the damage from the 2014 OPM breach, be more resilient to tracking, more — When hackers began slipping into computer systems at the Office of Personnel Management in the spring of 2014 …

    ‘Shattered’: Inside the secret battle to save America’s undercover spies in the digital age
    https://news.yahoo.com/shattered-inside-the-secret-battle-to-save-americas-undercover-spies-in-the-digital-age-100029026.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cudGVjaG1lbWUuY29tLw&guce_referrer_sig=AQAAABM0DO3JdyhBOXQZo4rHwntoZX_47sIjr2QQI_sFeYVDCSGGj2KlOOSW7xHl7oXTMtRKVhLjNd3PU72z7-Iks6j7HGYmjICNcK4J4Qi83DZkS-aR5PjTgoKj46DuAMZbg3GvuInobcDtu6mRWWadsEOV2VkDhN_w9fNiVSbbuBlB

    When hackers began slipping into computer systems at the Office of Personnel Management in the spring of 2014, no one inside that federal agency could have predicted the potential scale and magnitude of the damage. Over the next six months, those hackers — later identified as working for the Chinese government — stole data on nearly 22 million former and current American civil servants, including intelligence officials.

    The data breach, which included fingerprints, personnel records and security clearance background information, shook the intelligence community to its core. Among the hacked information’s other uses, Beijing had acquired a potential way to identify large numbers of undercover spies working for the U.S. government.

    Reply
  30. Tomi Engdahl says:

    Londoner who tried to blackmail Apple with 300m+ iCloud account resets was reusing stale old creds
    Community service for ‘Turkish Crime Family’ wannabe big dog
    https://www.theregister.co.uk/2019/12/24/kerem_albayrak_apple_icloud_blackmail_sentenced/

    A 22-year-old Londoner has been given 300 hours of community service and a State-enforced bedtime after trying to blackmail Apple with hundreds of millions of previously compromised login credentials.

    Kerem Albayrak, 22, demanded Apple give him $75,000 in crypto-currency or a thousand $100 iTunes gift cards. If the maker of shiny white electronic stuff didn’t comply, Albayrak said he would factory-reset 319 million iCloud accounts and “dump his databases online if his demands were not met,” according to the National Crime Agency.

    Reply
  31. Tomi Engdahl says:

    Google warns of scams targeting elderly users – how to keep your loved ones safe online
    https://www.mirror.co.uk/tech/google-warns-scams-targeting-elderly-21121887

    EXCLUSIVE: Google has issued a warning about online scams that specifically target elderly users, and gives its top tips to keep your loved ones safe online

    While older people are often thought of as ‘technophobes’, 60+ year-olds are slowly but surely embracing technology into their lives.

    But Google has issued a warning about online scams that specifically target elderly users.

    Speaking to Mirror Online, Elijah Lawal, online safety communications manager at Google, explained: “No matter how long you’ve been using the internet, the online world continues to present increasingly sophisticated security threats, from manipulative scammers to advanced password hackers.

    “It’s certainly a concern for older internet users — 75% of Brits over 60 report having worried about online safety in the past year.”

    Here are Google’s top tips to help seniors stay safe online this Christmas.
    1. Keep strong, unique passwords
    2. Be careful who you trust
    3. Take care when sharing

    Reply
  32. Tomi Engdahl says:

    Network outage at hospitals – a user’s mistake cut the connection to patient record systems
    https://yle.fi/uutiset/3-11138205

    On Monday during the day there was a widespread network outage, described as very serious, in the data networks of Satasairaala, which provides specialised medical care in Satakunta.

    Chief Information Officer Leena Ollonqvist says the outage, which lasted more than an hour, was caused by an accident: a user had moved their computer to another location and created a loop in the network, which overloaded the whole system. Ollonqvist describes the situation as very serious.

    – Users should not move computers from one place to another themselves. The fault that occurred now is extremely critical. Something like this happens only about once every five years, Ollonqvist says.

    Reply
  33. Tomi Engdahl says:

    A new authority will begin passing Finns’ patient data onward, but promises that privacy protection is ensured
    https://yle.fi/uutiset/3-11133001

    Reply
  34. Tomi Engdahl says:

    DNSSEC still fueling DNS amplification attacks, TCP SYN flood attacks rise
    https://www.helpnetsecurity.com/2019/12/19/dns-amplification-attacks-increase/

    DNS amplification attacks continue to increase in number, growing 4,788% over Q3 2018, according to Nexusguard.

    DNSSEC (Domain Name System Security Extensions) remains the main driver of growth of DNS amplification attacks in the quarter, yet analysts have detected a sharp and concerning rise in TCP SYN flood attacks.

    TCP SYN flood is not a new method, but findings indicate that techniques have grown in sophistication and have emerged as the third most used attack vector, behind DNS amplification and HTTP flood attacks.

    Reply
  35. Tomi Engdahl says:

    20 Vulnerabilities to Prioritize Patching Before 2020
    Researchers list the top 20 vulnerabilities currently exploited by attack groups around the world.
    https://www.darkreading.com/threat-intelligence/20-vulnerabilities-to-prioritize-patching-before-2020/d/d-id/1336691

    Reply
  36. Tomi Engdahl says:

    Google Chrome impacted by new Magellan 2.0 vulnerabilities
    Magellan 2.0 vulnerabilities were patched in Google Chrome 79.0.3945.79.
    https://www.zdnet.com/article/google-chrome-impacted-by-new-magellan-2-0-vulnerabilities/

    A new set of SQLite vulnerabilities can allow attackers to remotely run malicious code inside Google Chrome, the world’s most popular web browser.

    The vulnerabilities, five in total, are named “Magellan 2.0,” and were disclosed today by the Tencent Blade security team.

    Reply
  37. Tomi Engdahl says:

    US Coast Guard discloses Ryuk ransomware infection at maritime facility
    https://www.zdnet.com/article/us-coast-guard-discloses-ryuk-ransomware-infection-at-maritime-facility/

    Ransomware infection led to a disruption of camera and physical access control systems, and loss of critical process control monitoring systems.

    Reply
