Security News > 2020 > December

Ransomware is not the only problem, though - CISA and the FBI said that trojan malwares, distributed denial-of-service attacks, phishing and credential theft, account hacking, network compromises and more have all been on the rise since the beginning of the school year. "Whether as collateral for ransomware attacks or to sell on the dark web, cyber-actors may seek to exploit the data-rich environment of student information in schools and education technology services," according to the joint advisory [PDF], issued Thursday.

A potentially serious vulnerability affecting CompactRIO controllers made by NI could allow hackers to remotely disrupt production processes in an organization, according to researchers. The U.S. Cybersecurity and Infrastructure Security Agency last week published an ICS-CERT advisory to inform organizations about a high-severity vulnerability affecting NI's CompactRIO product, a rugged, real-time controller used in industrial environments in sectors such as heavy equipment, industrial manufacturing, transportation, power generation, and oil and gas.

Facebook has shut down several accounts and Pages on its platform, which were used to launch phishing and malware attacks by two cybercriminal groups: APT32 in Vietnam and an unnamed threat group based in Bangladesh. "The operation from Vietnam focused primarily on spreading malware to its targets, whereas the operation from Bangladesh focused on compromising accounts across platforms and coordinating reporting to get targeted accounts and Pages removed from Facebook," said Nathaniel Gleicher, head of security policy, and Mike Dvilyanski, cyber-threat intelligence manager at Facebook, in a Thursday post.

December 5th 2020 Ransomware hits helicopter maker Kopter Helicopter maker Kopter has fallen victim to a ransomware attack after hackers breached its internal network and encrypted the company's files. December 6th 2020 Boston's GBMC HealthCare discloses ransomware attack On the morning of Sunday, December 6, 2020, GBMC HealthCare detected a ransomware incident that impacted information technology systems.

Vaccine-related phishing emails and domains are popping up, while criminals are selling phony vaccines via the Dark Web, says Check Point. In another campaign, the email touts the subject line of "Pfizer's Covid vaccine: 11 things you need to know" and includes an executable file named "Covid-19 vaccine brief summary." Clicking on this file triggers the nasty malware called Agent Tesla, a Remote Access Trojan that acts as a keylogger and infostealer.

Google has snapped up Goldman Sachs cybersecurity veteran Phil Venables to manage security and risk for the important Google Cloud franchise. Venables, a cybersecurity leader with a storied career in the financial services sector, will be Google Cloud's first Chief Information Security Officer.

SEE: TechRepublic Premium editorial calendar: IT policies, checklists, toolkits, and research for download. "A lack of a standard for IoT devices brings forth many challenges from a management perspective, in particular security, as we are increasing the attack vector for each new IoT device introduced," said Shash Anand, VP of product strategy at SOTI, an IoT connectivity and management provider. Given the variety of IoT devices and systems around, it will be imperative that IoT standards are universally accepted and integrated across devices.

MountLocker ransomware received an update recently that cut its size by half but preserves a weakness that could potentially allow learning the random key used to encrypt files. In a technical analysis published today, the BlackBerry Research and Intelligence Team notes that the new MountLocker variant comes with a compilation timestamp from November 6.

In a matter of days, employees found themselves working from home and the security team needed to change from managing controlled office environments to enabling security remotely and ensuring that people remained reliably connected and productive. The net result of these changes makes it likely we will see security budgets reduced in 2021.

Social media giant Facebook this week revealed that it has disrupted the activity of two groups of hackers - one operating from Vietnam and the other from Bangladesh. The groups, Facebook says, were engaging in cyber-espionage activities, attempting to compromise accounts to gain access to information of interest.