Last week on Malwarebytes Labs we kept you updated on the SolarWinds attack, we warned about the special dangers that come with the Christmas season, published a threat profile for the Egregor ransomware, warned how a lead generation scam was targeting potential Malwarebytes MSP partners, and talked about smart toy security. We also posted a follow-up about the many ways you can be scammed on Facebook.
A VideoBytes episode spoke about the increase in brute force attacks due to more open RDP ports.
SolarWinds related cybersecurity news:
Several publications dealt with different angles and consequences of the SolarWinds attack:
- Researchers at Prevasio explained how reverse engineering the Domain Generation Algorithm (DGA) revealed the list of victims. (Source: Prevasio blog)
- Experts have begun pointing to concerns about potentially substandard security protocols, like an update server that was accessible with a simple password. (Source: NewsWeek)
- Microsoft confirmed it found compromised SolarWinds code in its systems, but denied that its own software was compromised in a supply-chain attack to infect customers. (Source: Engadget)
Other cybersecurity news:
- The CEO of decentralized finance (DeFi) insurer Nexus Mutual has lost the equivalent of over $8 million in a targeted attack. (Source: Coindesk)
- Researchers found more than 45 million medical imaging files, including X-rays and CT scans, freely accessible on unprotected servers. (Source: betanews)
- The Irish Data Protection Commissioner has announced a €450,000 fine on Twitter for data breaches under GDPR. (Source: Independent.ie)
- A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game, which install a ransomware calling itself CoderWare. (Source: BleepingComputer)
- Five human rights defenders that were victims of NSO Group’s WhatsApp hacking have stepped forward to tell their stories. (Source: AccessNow)
- Researchers have called for a determined path to cybersecurity because issues surrounding governance and a sense of responsibility are preventing mission success. (Source: SecureList)
- A company called Capella Space launched a satellite capable of taking clear radar images of anywhere in the world, even through the walls of some buildings. (Source: Futurism)
Stay safe, everyone!
Refer Here for Original Post and Source https://blog.malwarebytes.com/a-week-in-security/2020/12/a-week-in-security-december-14-december-20/