IT Security Newsletter - 01/22/2021

Written by Cadre | Fri, Jan 22, 2021

Hackers release over 4,000 files stolen from Scottish environment agency in ransomware attack

There's more bad news for the Scottish Environment Protection Agency (SEPA) which was hit by a ransomware attack on Christmas Eve - a serious security breach that has continued to impact its internal systems and forced its email offline. The Conti ransomware gang has now published 4,150 files stolen from SEPA on the dark web. Corporate plans, contracts, spreadsheets, and potentially personal information about staff, can be found amongst the haul of files now available for anybody to download.

Windows Remote Desktop servers now used to amplify DDoS attacks

Windows Remote Desktop Protocol (RDP) servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service (DDoS) attacks. The Microsoft RDP service is a built-in Windows service running on TCP/3389 and/or UDP/3389 that enables authenticated remote virtual desktop infrastructure (VDI) access to Windows servers and workstations. Attacks taking advantage of this new UDP reflection/amplification attack vector.

QNAP Warns NAS Users of 'dovecat' Malware Attacks

QNAP this week warned users of attacks targeting QNAP NAS (network-attached storage) devices with a piece of malware named "dovecat." The networking and storage solutions provider says it has received reports from users who had their devices infected with the malware, and, after analyzing the attacks, discovered that the use of weak passwords on Internet-connected devices was the root cause of infection.

Attackers Leave Stolen Credentials Searchable on Google

The attackers behind a summer 2020 phishing campaign accidentally exposed the credentials they stole to the public Internet, where they could be discovered with a simple Google search. Last August, the operators launched a campaign with malicious emails disguised as Xerox scan notifications, Check Point researchers report in an analysis conducted alongside industrial cybersecurity firm Otorio. Recipients of these emails, which contained their first name or company title in the subject line.

Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks

Cybercriminals can exploit Microsoft Remote Desktop Protocol (RDP) as a powerful tool to amplify distributed denial-of-service (DDoS) attacks, new research has found. Attackers can abuse RDP to launch UDP reflection/amplification attacks with an amplification ratio of 85.9:1, principal engineer Roland Dobbins and senior network security analyst Steinthor Bjarnason from Netscout said in a report published online this week. However, not all RDP servers can be used in this way.

UK govt gives malware infected laptops to vulnerable students

Some of the laptops distributed by the UK Department for Education (DfE) to vulnerable students have been found to be infected with malware as reported by the BBC. The devices are given out for free by the government to support disadvantaged students unable to access remote education during the COVID-19 pandemic, including children and young people who have no digital devices, have only a smartphone, or share a single device with other family members.

CHwapi hospital hit by Windows BitLocker encryption cyberattack

The CHwapi hospital in Belgium is suffering from a cyberattack where threat actors claim to have encrypted 40 servers and 100 TB of data using Windows BitLocker. On Sunday, CHwapi suffered an attack that caused the hospital to redirect patients to other hospitals and delay surgical procedures. While the hospital's services are slowly recovering and surgical operations have resumed, CHwapi continues to cancel some services and redirect urgent cases to other hospitals.

  • ...in 1931, singer/songwriter and "King of Soul" Sam Cooke is born in Clarksdale, MS.
  • ...in 1940, veteran English actor John Hurt ("The Elephant Man", "Alien", "I, Claudius") is born in Derbyshire.
  • ...in 1953, film director Jim Jarmusch ("Down By Law", "Dead Man") is born in Cuyahoga Falls, OH.
  • ...in 1984, Apple Computer introduces the Macintosh personal computer with a Super Bowl commercial inspired by George Orwell's "1984".