- Siim P
RANSOMWARE CRIMINALS SHIFT TARGET
Term of the month: Trojan horse Is a type of malware that misleads the victims of its true intent by disguising as a different type of file, then installing malicious software. It is used to steal, disrupt, delete, modify data and perform other malicious activity. The best protection is a good anti-virus software.
BRIEF UPDATE Despite previous quarter increases, average ransomware payments decreased by more than one third in Q4 20 and median payments dropped 55%. 60% of victims opted to pay, compared with 75% in previous quarter. This has resulted from US legislation and increased awareness and wider mitigation services. However, UK NCSC reports that targets have shifted from large companies to multiple attacks on SMEs and individuals, where a sharp increase has occurred. Covid-19 associated attacks continue, with Oxford Covid Research lab latest victim. 80% of Medtech firms report a cyber attack in past 5 years. N Korea increases attacks to steal medical technology, using Twisted Spider and Wizard Spider. US DOJ has charged 3 named N Korean hackers. VMware ESXi flaws liable to ransomware attack by encryption on virtual hard drives since Oct 20. State-sponsored attacks continue. Ukraine accuses Russia of targeting its defence and security sectors. China using BendyBear malware to attack governments in Asia, reports Taiwan Justice Bureau. Centreon (France) hit by serious supply chain attack similar to Solar Wind with Russian TeleBots blamed. Telegram has patched over a dozen vulnerabilities over last year. Instagram has disabled hundreds of stolen accounts to defeat SIM swapping by OGUsers., with similar action taken by TikTok and Twitter. Apple released fixes for 3 zero-day vulnerabilities in its iOS, IPad OS and TVOS systems. MS has updated Windows 10 versions beyond 1809 from Spectre-based hardware attacks. Exodus report advises against using LastPass password manager. Unlike similar apps, it contains 7 embedded trackers.
CYBER SECURITY IN THE NEWS
Hacker attempted to poison Florida city's water supply
Emmanuel Macron pledges €1bn for cybersecurity after hospital ransomware attacks
UK National Cyber Security Center Warns of Increased Threat of Ransomware Attacks
Nearly 40,000 Macs infected by mysterious malware
Finnish IT Giant Hit with Ransomware Cyberattack
CD Projekt hit by ransomware attack, refuses to pay ransom
Scottish Borders Council apologises for data breach
Russian hackers linked to attack targeting Ukrainian government
Masslogger Trojan reinvented in quest to steal Outlook, Chrome credentials
Why business e-mail compromise is still a lucrative way to steal money