Marraskuu 2020

Hacker Lexicon: What Is the Signal Encryption Protocol ?

https://www.wired.com/story/signal-encryption-protocol-hacker-lexicon/

Älypuhelimeen saa ujutettua haittaohjelman tavalla, jota useimmat eivät tule ajatelleeksi

https://www.is.fi/digitoday/tietoturva/art-2000007646405.html

The Top 20 Cybersecurity Startups To Watch In 2021 Based On Crunchbase

https://www.forbes.com/sites/louiscolumbus/2020/11/29/the-top-20-cybersecurity-startups-to-watch-in-2021-based-on-crunchbase/

HS: Kansainvälinen sijoitushuijausverkosto vienyt suomalaisilta kymmeniätuhansia euroja

https://yle.fi/uutiset/3-11671748?

Europol and partners thwart massive credit card fraud scheme

https://www.welivesecurity.com/2020/11/27/europol-partners-thwart-credit-card-fraud-scheme/

Threat Hunting with JARM

https://isc.sans.edu/forums/diary/Threat+Hunting+with+JARM/26832/

IIoT chip maker Advantech hit by ransomware, $12.5 million ransom

https://www.bleepingcomputer.com/news/security/iiot-chip-maker-advantech-hit-by-ransomware-125-million-ransom/

Live Patching Windows API Calls Using PowerShell

https://isc.sans.edu/diary/rss/26826

India blocks another 43 Chinese mobile apps, including AliExpress and TaoBao Live

https://www.zdnet.com/article/india-blocks-another-43-chinese-mobile-apps-including-aliexpress-and-taobao-live/

Alert: Multiple actors are attempting to exploit MobileIron vulnerability CVE 2020-15505

https://www.ncsc.gov.uk/news/alert-multiple-actors-attempt-exploit-mobileiron-vulnerability

Encrypted DNS in Knot Resolver: DoT and DoH

https://en.blog.nic.cz/2020/11/25/encrypted-dns-in-knot-resolver-dot-and-doh/

Critical Controls 2021

https://www.cert.govt.nz/it-specialists/critical-controls/10-critical-controls/

Researchers Hacked And Stole A Tesla Model X In Just Minutes

https://www.forbes.com/sites/leemathews/2020/11/23/researchers-hacked-and-stole-a-tesla-model-x-in-just-minutes/

Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control devices

https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/

Two New Chrome 0-Days Under Active Attacks Update Your Browser

https://thehackernews.com/2020/11/two-new-chrome-0-days-under-active.html

DNS cache poisoning, the Internet attack from 2008, is back from the dead – A newly found side channel in a widely used protocol lets attackers spoof domains

https://arstechnica.com/information-technology/2020/11/researchers-find-way-to-revive-kaminskys-2008-dns-cache-poisoning-attack/

With Great Power comes Great Leakage

https://platypusattack.com/

Microsoft Releases November 2020 Security Updates

https://us-cert.cisa.gov/ncas/current-activity/2020/11/10/microsoft-releases-november-2020-security-updates

Critical Vulnerability in Windows OS

https://blog.checkpoint.com/2020/11/09/critical-vulnerability-in-windows-os-check-point-customers-remain-protected/

Office 365 will let admins review Microsoft Forms phishing attempts

https://www.bleepingcomputer.com/news/security/office-365-will-let-admins-review-microsoft-forms-phishing-attempts/

Winning hacker team pockets $744, 500 at the Tianfu Cup, China’s top hacking contest

https://www.zdnet.com/article/windows-10-ios-chrome-and-many-others-fall-at-chinas-top-hacking-contest

Many websites will stop working on older Android versions in 2021

https://www.androidpolice.com/2020/11/07/many-websites-will-stop-working-on-older-android-versions-in-2021

Cryptojacking Targeting WebLogic TCP/7001

https://isc.sans.edu/diary/rss/26768

Update Your iOS Devices Now 3 Actively Exploited 0-Days Discovered

https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html

Sairaalatkaan eivät ole turvassa lunnashaittaohjelmilta:

potilasturvallisuutta harjoitellaan pian oikeankaltaisessa ympäristössä Jyväskylässä

https://www.epressi.com/tiedotteet/terveys/sairaalatkaan-eivat-ole-turvassa-lunnashaittaohjelmilta-potilasturvallisuutta-harjoitellaan-pian-oikeankaltaisessa-ymparistossa-jyvaskylassa.html

Bitcoin: $1bn seized from Silk Road account by US government

https://www.bbc.com/news/technology-54833130

Brazil’s court system under massive RansomExx ransomware attack

https://www.bleepingcomputer.com/news/security/brazils-court-system-under-massive-ransomexx-ransomware-attack/

https://www.bleepingcomputer.com/news/security/ransomexx-ransomware-also-encrypts-linux-systems/

Hakkerit löysivät testivaiheessa aukkoja uudesta Apotti-potilasjärjestelmästä ovatko kahden miljoonan ihmisen arkaluontoiset tiedot varmasti turvassa

https://yle.fi/uutiset/3-11630403

Poliisi selvitti netin välityksellä tehdyn uhkauksen Oulussa

https://www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/poliisi_selvitti_netin_valityksella_tehdyn_uhkauksen_oulussa_94446

https://www.is.fi/digitoday/tietoturva/art-2000007020423.html

Millä perustein tietovuodon uhri voi muuttaa henkilötunnustaan? Digi- ja väestövirastolle tehty jo kymmeniä hakemuksia

https://www.tivi.fi/uutiset/tv/90872556-364a-48ce-bc51-6566375ddced

Russian authorities make rare arrest of malware author

https://www.zdnet.com/article/russian-authorities-make-rare-arrest-of-malware-author/