Security News
SSL VPN and WebVPN provide secure remote access to a network over the internet using SSL/TLS protocols, securing the connection between the user's device and the VPN server using an "Encryption tunnel." "The severity of the vulnerabilities and the repeated exploitation of this type of vulnerability by actors means that the NCSC recommends replacing solutions for secure remote access that use SSL/TLS with more secure alternatives. NCSC recommends Internet Protocol Security with Internet Key Exchange," reads the NCSC announcement.
Norway has told the European Data Protection Board it believes a countrywide ban on Meta harvesting user data to serve up advertising on Facebook and Instagram should be made permanent and extended across Europe. The Scandinavian country's Data Protection Authority, Datatilsynet, had been holding back Facebook parent Meta from scooping up data on its citizens with the threat of fines of one million Kroner per day if it didn't comply.
The Norwegian National Security Authority has confirmed that attackers used a zero-day vulnerability in Ivanti's Endpoint Manager Mobile solution to breach a software platform used by 12 ministries in the country. The Norwegian National Cyber Security Center also notified all known MobileIron Core customers in Norway about the existence of a security update to address this actively exploited zero-day bug.
Norwegian police agency Økokrim has announced the seizure of 60 million NOK worth of cryptocurrency stolen by the Lazarus Group in March 2022 following the Axie Infinity Ronin Bridge hack. The development comes more than 10 months after the U.S. Treasury Department implicated the North Korea-backed hacking group for the theft of $620 million from the Ronin cross-chain bridge.
Norwegian authorities announced on Thursday that they had recovered $5.9 million of cryptocurrency stolen in the Axie Infinity hack - an incident widely held to have been perpetrated by the Lazarus Group, which has links to North Korea. The Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime has called the seizure among the largest ever money seizures - and the largest-ever related to crypto - made by Norway.
Norway's National Security Authority published a statement yesterday warning that some of the country's most important websites and online services are being rendered inaccessible due to distributed denial of service attacks. DDoS attacks are a special type of cyberattack that causes internet servers to be overwhelmed by many requests and garbage traffic, rendering the hosted sites and services inaccessible for legitimate visitors and users.
To use B follows A, even though we can clearly see A to Z happening all at the same time in parallel and by and large all intetacting all of the time. Look over a time period of two or three times the reciprocol of their difference frequency and you see a near perfect sine way envelop, just as you would expect from amplitude modulation.
The exploit at a democratic institution such as Stortinget is certainly ominous, perhaps more so than the woes in recent days of organisations such as the European Banking Authority. Stortinget president Tone Wilhelmsen Trøen said: "The attack we are facing shows that IT attacks can have serious consequences for democratic processes at worst."
Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. Last week, Microsoft released emergency security updates for Microsoft Exchange to fix zero-day vulnerabilities, known as ProxyLogon, used in attacks.
Gay dating app Grindr faces a fine of more than $10 million from Norwegian regulators for failing to get consent from users before sharing their personal information with advertising companies, in breach of stringent European Union privacy rules. The Norwegian data privacy watchdog said Tuesday that it notified Grindr LLC of its draft decision to issue a fine for 100 million Norwegian krone, equal to 10% of the U.S. company's global revenue.