There's more bad news for the Scottish Environment Protection Agency (SEPA), which was hit by a ransomware attack on Christmas Eve - a serious security breach that has continued to impact its internal systems and forced its email offline. The Conti ransomware gang has now published 4,150 files stolen from SEPA on the dark web. Corporate plans, contracts, spreadsheets, and potentially personal information about staff can be found amongst the haul of files now available for anybody to download.
Windows Remote Desktop Protocol (RDP) servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service (DDoS) attacks. The Microsoft RDP service is a built-in Windows service running on TCP/3389 and/or UDP/3389 that enables authenticated remote virtual desktop infrastructure (VDI) access to Windows servers and workstations. Attacks taking advantage of this new UDP reflection/amplification attack vector.
QNAP this week warned users of attacks targeting QNAP NAS (network-attached storage) devices with a piece of malware named "dovecat." The networking and storage solutions provider says it has received reports from users who had their devices infected with the malware, and, after analyzing the attacks, discovered that the use of weak passwords on Internet-connected devices was the root cause of infection.
The attackers behind a summer 2020 phishing campaign accidentally exposed the credentials they stole to the public Internet, where they could be discovered with a simple Google search. Last August, the operators launched a campaign with malicious emails disguised as Xerox scan notifications, Check Point researchers report in an analysis conducted alongside industrial cybersecurity firm Otorio. Recipients of these emails, which contained their first name or company title in the subject line.
Cybercriminals can exploit Microsoft Remote Desktop Protocol (RDP) as a powerful tool to amplify distributed denial-of-service (DDoS) attacks, new research has found. Attackers can abuse RDP to launch UDP reflection/amplification attacks with an amplification ratio of 85.9:1, principal engineer Roland Dobbins and senior network security analyst Steinthor Bjarnason from Netscout said in a report published online this week. However, not all RDP servers can be used in this way.
Some of the laptops distributed by the UK Department for Education (DfE) to vulnerable students have been found to be infected with malware, as reported by the BBC. The devices are given out for free by the government to support disadvantaged students unable to access remote education during the COVID-19 pandemic, including children and young people who have no digital devices, have only a smartphone, or share a single device with other family members.
The CHwapi hospital in Belgium is suffering from a cyberattack in which threat actors claim to have encrypted 40 servers and 100 TB of data using Windows BitLocker. On Sunday, CHwapi suffered an attack that caused the hospital to redirect patients to other hospitals and delay surgical procedures. While the hospital's services are slowly recovering and surgical operations have resumed, CHwapi continues to cancel some services and redirect urgent cases to other hospitals.