The NCSC reported it had "handled" 658 attacks on 900 organisations, including schools, airports and emergency services, with many of the attacks coming "from hostile nation-states". The NCSC said cyberattacks from Russia, China, Iran and North Korea pose "strategic national security threats to the UK", and also warned that "large-scale global cybercrime" was a threat to "our social fabric, our way of life and our economic prosperity", despite often being "low in sophistication".
Client operations at mailing and IT services company Pitney Bowes were severely disrupted by a ransomware outbreak, which affected its postage machine services; Mail360, MIPro, SendPro Online in the UK, 'Your Account' and even the 'Pitney Bowes Supplies' online store became inaccessible. According to Rajeev Gupta of Cowbell Cyber, "Costs related to this cyber incident could go up rapidly for Pitney Bowes: third-party forensic experts, breach notification, loss of revenue, lawsuits and much more. Cybersecurity insurance can help immediately, especially if the cyber policy is up to date with the number of records to be covered. This is why continuous underwriting of cyber policies can eliminate any insurability gaps".
The Amazon Web Services (AWS) Domain Name System (DNS) service was taken offline by a DDoS attack for a number of hours on 22nd October, affecting a number of websites. According to reports, a flood of fake traffic disrupted legitimate attempts to resolve DNS requests to connect to Amazon cloud-hosted storage buckets and systems.
Another set of unsecured AWS servers was discovered, this time belonging to UK recruitment firm Sonic Jobs and to another US-based recruitment firm, exposing more than 250,000 CVs of job candidates. Sonic Jobs specialises in recruitment for retail and restaurant jobs and is used by hotel chains Marriott and InterContinental.
NordVPN revealed a third-party server located in Finland was accessed in March 2018. The hacker had acquired an expired TLS key from the server through an insecure remote access system. The company said it was an isolated incident and no other servers or datacentres were impacted. “The intruder did not find any user activity logs because they do not exist. They did not discover users’ identities, usernames, or passwords because none of our applications sent user-created credentials for authentication,” NordVPN said in a statement.
October was a fairly quiet month for Microsoft security patch releases: Microsoft's 'Patch Tuesday' was its smallest security update release this year, with only 60 vulnerabilities addressed, 9 of which were rated as critical. Adobe patched 81 vulnerabilities in four of its products, and there was the usual barrage of Cisco and Juniper patches on the network appliance front. Oracle didn't hold back with its patching, releasing security updates addressing a massive 218 vulnerabilities, and 6 WordPress bugs were addressed with new patch releases.
FireEye reported that attackers are improving their Business Email Compromise (BEC) techniques. BEC, or impersonation attacks, more commonly known as phishing attacks, rose by 25% during the second quarter of 2019, with some types of attack becoming more common and better executed, according to the FireEye report. Attackers are increasingly impersonating executives and attempting to involve a company’s supply chain vendors as part of the attack, to make it appear as if the malicious email is a legitimate request.
BLOG
- 10 Security Blunders that should stay in 2019
- Think before you Click
- The Increasing UK Cyber Skills Gap
- Network Security Observability & Visibility: Why they are not the same
- NCSC Cyber Essentials Scheme to be Streamlined
- UK Youngsters seeking to Win the European Cyber Security Challenge
- Cyber Security Roundup for September 2019
- Magecart Attack on Ecommerce impacts Sesame Street Online store and many more
- Malware takes down Pitney Bowes systems
- Google Launches Password Checkup Security Tool
- Cyber Attacks from 'hostile nation-states' foiled by NCSC
- DDoS Attack sidelines AWS DNS Web Service for Hours
- Imperva Breach caused by Mishandled Database Migration
- Open AWS Buckets expose more than 200K CVs at Two Online Recruitment Firms
- Adobe leaves Creative Cloud Database Open, 7.5 million users exposed
- NordVPN confirms 2018 Breach
- UniCredit Data Breach impacts 3 Million Italians
- Georgia hit by Massive Cyber-attack
- US hospitals turn away patients as Ransomware Strikes
- Microsoft Patches 60 Vulnerabilities, including 9 Critical for Windows RDP, Azure App Services, VBScript & ChakraCore
- Adobe Patches 81 Vulnerabilities for Four Products
- Oracle Patches 218 Security Vulnerabilities
- WordPress Patches 6 Bugs
- VMware Patches Critical Bug in Harbor Container Registry for PCF
- Juniper Networks addresses 84 bugs
- Cisco fixes critical Aironet Access Points flaw, Addresses 29 more bugs
- Cisco Updates address bugs in Security Products
- Apple Update for iCloud, iTunes and macOS Bugs
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
- State of Stolen Credentials in the Dark Web from Fortune 500 Companies
- Attackers Improving BEC Skills
- APT 41 using MessageTap malware to gather SMS traffic
- APT 29 The Dukes back in Business
- New ‘Reductor’ Malware Compromises Encrypted TLS Traffic
- FBI alert: Ransomware attacks becoming increasingly Targeted and Costly
REPORTS