Top news of the week: 25.09.2020.

#cybersecurity #infosec #Microsoft #tech #privacy #datasecurity #IOCs #malware #cyberattack #Cyber

Threats And Attacks

On Sep 25, 2020
@paulsparrows shared
Feds Hit with Successful Cyberattack, Data Stolen. It is possible the cyber-actor obtained the credentials from an unpatched agency VPN server by exploiting a known vulnerability: CVE-2019-11510 https://t.co/LONwbFMKfk
Open

Feds Hit with Successful Cyberattack, Data Stolen

Feds Hit with Successful Cyberattack, Data Stolen

The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit.

On Sep 24, 2020
@KimZetter shared
[email protected] says fed agency was compromised: hackers planted sophisticated multi-stage malware that evaded anti-malware protection "and gained persistent access through two reverse Socket Secure proxies that exploited weaknesses in agency’s firewall." https://t.co/qx9fOzeDsL
Open

Federal Agency Compromised by Malicious Cyber Actor

Federal Agency Compromised by Malicious Cyber Actor

CISA became aware—via EINSTEIN, CISA’s intrusion detection system that monitors federal civilian networks—of a potential compromise of a federal agency’s network. In coordination with the ...

On Sep 22, 2020
@unix_root shared
An unprotected #Microsoft server exposed Bing search engine users' data, including search queries, device details, and GPS coordinates, among others. Details — https://t.co/BdbPVvlO33 #infosec #privacy #datasecurity #cybersecurity #tech
Open

Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location

Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location

Unsecured Microsoft Bing Search Server Exposed User Queries and Location Data

On Sep 22, 2020
@threatintel shared
Security training needs to be repeated every six months to remain effective https://t.co/rGusPo6X7k
Open

Phishing awareness training wears off after a few months

Phishing awareness training wears off after a few months

Retraining employees after six months is recommended.

On Sep 22, 2020
@securityaffairs shared
Hackers hit #Luxottica, production stopped at two Italian plants https://t.co/jywTcqiLsw #securityaffairs #hacking
Open

Hackers hit Luxottica, production stopped at two Italian plants

Hackers hit Luxottica, production stopped at two Italian plants

The Italian eyewear and eyecare giant Luxottica has reportedly suffered a cyber attack that disrupted its operations in Italy and China. Luxottica Group S.p.A. is an Italian eyewear ...

On Sep 24, 2020
@paulsparrows shared
A new spike of Emotet activity in Italy and the Netherlands https://t.co/qADrcwd6w5
Open

Microsoft, Italy, and the Netherlands warn of increased Emotet activity

Microsoft, Italy, and the Netherlands warn of increased Emotet activity

New alerts about a spike in Emotet activity come after France, Japan, New Zealand issued similar warnings at the start of the month.

On Sep 24, 2020
@paulsparrows shared
After the cyber attacks timelines of July, it's time to publish the statistics. This month has been characterized by #ransomware and #megabreaches. https://t.co/xt6pQn3pON
Open

July 2020 Cyber Attacks Statistics

July 2020 Cyber Attacks Statistics

It’s time to publish the statistics derived from the cyber attacks timeline of July (part I and part II). As previously mentioned this month has been characterized by ransomware (throughout ...

On Sep 20, 2020
@helpnetsecurity shared
Week in review: Zerologon PoCs released, five steps to recover from ransomware, CISOs’ golden opportunity - https://t.co/8XX8WSSgJ6 https://t.co/CfsclCWmaO
Open

Week in review: Zerologon PoCs released, five steps to recover from ransomware, CISOs’ golden opportunity

Week in review: Zerologon PoCs released, five steps to recover from ransomware, CISOs’ golden opportunity

Here's an overview of some of last week's most interesting news, reviews and articles: Most people ignore QR code security concerns QR codes are rising in