This posting is here to collect cyber security news in September 2024.
I post links to security vulnerability news to comments of this article.
You are also free to post related links to comments.
This posting is here to collect cyber security news in September 2024.
I post links to security vulnerability news to comments of this article.
You are also free to post related links to comments.
61 Comments
Tomi Engdahl says:
Malware & Threats
New ‘Hadooken’ Linux Malware Targets WebLogic Servers
The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families.
https://www.securityweek.com/new-hadooken-linux-malware-targets-weblogic-servers/
Tomi Engdahl says:
ICS/OT
House Report Shows Chinese Cranes a Security Risk to US Ports
A joint report from the Committees on China and Homeland Security warns of the security risks posed by Chinese cranes in US ports.
https://www.securityweek.com/house-report-shows-chinese-cranes-a-security-risk-to-us-ports/
The US is dangerously reliant on Chinese cranes in seaports, and the equipment represents a potential threat to US port infrastructure security, the Select Committee on the Chinese Communist Party (CCP) and House Committee on Homeland Security say.
A joint report (PDF) released this week by the two committees focuses on Shanghai Zhenhua Heavy Industries (ZPMC), a company owned and controlled by the People’s Republic of China (PRC), which accounts for roughly 80% of the ship-to-shore (STS) port cranes operational in the US.
ZPMC dominates the global market share of STS cranes, adding to the PRC’s broader maritime infrastructure dominance and creating cybersecurity vulnerabilities and national security risks for the US and its allies, the report shows.
Not only is ZPMC wholly owned by a Chinese company that the Department of Defense has named a “Communist Chinese Military Company” and which is involved in militarizing the South China Sea, but the company is producing and assembling equipment and technology in China and is delivering it upon completion.
Tomi Engdahl says:
Fortinet Data Breach Impacts Customer Information
Fortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.
https://www.securityweek.com/fortinet-data-breach-impacts-customer-information/
Tomi Engdahl says:
Government
UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy
The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.
https://www.securityweek.com/uk-data-centers-gain-critical-infrastructure-status-raising-green-belt-controversy/
UK Technology Secretary Peter Kyle announced Thursday that data centers in the country are now classed as part of the UK’s Critical National Infrastructure (CNI). This is the first new CNI designation since the Space and Defense sectors in 2015.
The move is logical and well-received (given the importance of data to the national economy) but has raised eyebrows over praise for a proposed new data center to be built in the ‘protected’ Green Belt region of the country.
“Data centers are the engines of modern life, they power the digital economy and keep our most personal information safe,” said Kyle. “Bringing data centers into the Critical National Infrastructure regime will allow better coordination and cooperation with the government against cyber criminals and unexpected events.”
https://www.gov.uk/government/news/data-centres-to-be-given-massive-boost-and-protections-from-cyber-criminals-and-it-blackouts
Tomi Engdahl says:
Cybercrime
UK Teen Arrested Over Transport for London Hack
A 17-year-old from England has been arrested by the NCA over the recent cyberattack on Transport for London.
https://www.securityweek.com/uk-teen-arrested-over-transport-for-london-hack/
Tomi Engdahl says:
IoT Security
1.3 Million Android TV Boxes Infected by Vo1d Malware
Doctor Web warns of the new Vo1d Android malware infecting roughly 1.3 million TV boxes running older OS versions.
https://www.securityweek.com/1-3-million-android-tv-boxes-infected-by-vo1d-malware/
Tomi Engdahl says:
Sergiu Gatlan / BleepingComputer:
The Port of Seattle says the Rhysida ransomware operation was behind an August 24 cyberattack and that it appears “some Port data was obtained by the actor” — Port of Seattle, the United States government agency overseeing Seattle’s seaport and airport, confirmed on Friday …
https://www.bleepingcomputer.com/news/security/port-of-seattle-says-rhysida-ransomware-was-behind-august-attack/
Tomi Engdahl says:
https://www.tivi.fi/uutiset/aliupseerit-loivat-salaisen-wifi-verkon-taistelualukselle-ei-olisi-kannattanut/f5d62947-b726-4d3e-985a-13275ef072ff
Tomi Engdahl says:
https://www.dna.fi/dnabusiness/blogi/-/blogs/how-to-prevent-sms-scammers-from-impersonating-your-business?utm_source=facebook&utm_medium=social&utm_content=LAA-artikkeli-how-to-prevent-sms-scammers-from-impersonating-your-business&utm_campaign=P_LAA_24-35-40_artikkelikampanja_ENKKU_&fbclid=IwZXh0bgNhZW0BMAABHRJOkE5DWEmFtn98qnH8xzNhpsVWUCOj32fYtEuiVIscBHQI9nKX_26t3A_aem_AUWLnM8Kv2jGsFNPv-k3ow
Tomi Engdahl says:
Microsoft plans to move security software out of the Windows kernel
Significant changes could be coming in the not-so-distant future
https://www.techspot.com/news/104710-microsoft-plans-move-security-software-out-windows-kernel.html
Tomi Engdahl says:
Mihin huijari käyttää sinulta viedyt rahat? Tätä et olisi halunnut tietää
Enemmistö suomalaisista kertoo joutuneensa maksuhuijaus- tai tietojenkalasteluyrityksen kohteeksi. Asia käy ilmi OP:n teettämästä kyselystä, jonka tulokset on juuri julkaistu.
https://www.iltalehti.fi/digiuutiset/a/c029164f-7ef7-4109-8cdb-273ab1b3bcc9
Valtaosa suomalaisista on joutunut verkkohuijauksen tai sen yrityksen kohteeksi.
Tyypillisimmässä huijauksessa rikollinen esiintyy luotettavan tahon edustajana.
EU valmistelee uutta direktiiviä, josta toivotaan helpotusta ongelmaan.
Suomalaisista noin 70 prosenttia sanoo tunnistaneensa heihin kohdistuneen maksuhuijauksen tai sen yrityksen. Kaikkein tyypillisimmin huijarit ovat ottaneet yhteyttä sähköpostitse, ja noin puolet suomalaisista onkin saanut huijareilta nimenomaan sähköpostin.
Seuraavaksi yleisimpiä huijaustapoja ovat tekstiviestit, sosiaalisessa mediassa lähestyminen ja soittaminen. Joka neljäs kyselyyn vastannut kertoo kohdanneensa puhelimitse tullutta tietojenkalastelua.