
IT Security Newsletter - 11/30/2020



Conti ransomware attack demands $14 million from industrial IoT firm Advantech

The world's largest maker of industrial computers, Taiwan's Advantech, has reportedly been hit by a ransomware attack - with cybercriminals demanding a ransom worth approximately US $14 million for a decryption key, and to prevent the public leaking of stolen data. According to local media reports, Advantech identified earlier this month that its internal network had been compromised by hackers, and although action was taken to stem the spread of the attack it was not enough to prevent the theft of data. READ MORE...


Pennsylvania county pays 500K ransom to DoppelPaymer ransomware

Delaware County, Pennsylvania has paid a $500,000 ransom after their systems were hit by the DoppelPaymer ransomware last weekend. On Monday, Delaware County disclosed that they had taken portions of their computer network offline after discovering that their network was compromised. "The County of Delaware recently discovered a disruption to portions of its computer network. We commenced an immediate investigation that included taking certain systems offline and working with computer. READ MORE...

MasterChef, Big Brother producer hit by DoppelPaymer ransomware

French multinational production and distribution firm Banijay Group SAS was hit earlier this month by a DoppelPaymer ransomware attack and had sensitive information stolen by the ransomware operators during the incident. Yesterday, Banijay publicly confirmed a cyber incident that led to employee and commercially sensitive data potentially being compromised. Banijay became one of the largest if not the largest international groups in the audiovisual content production and distribution market. READ MORE...

Networking giant Belden says hackers accessed data on employees, business partners

Belden, a U.S. manufacturer of networking and industrial cable products, said Tuesday that unidentified attackers had accessed and copied data on current and former employees, and some of its business partners. The St. Louis-based company, which reported more than $2 billion in revenue last year, said in a statement that it believed it prevented the attackers from further accessing data on its servers, and that it had hired lawyers to help it "notify appropriate regulatory authorities [of the incident] around the world." READ MORE...

Information Security

Vietnam-Linked Cyberspies Use New macOS Backdoor in Attacks

Trend Micro's security researchers have identified a new macOS backdoor that they believe is used by the Vietnamese threat actor OceanLotus. Also referred to as APT-C-00 and APT32, and believed to be well-resourced and determined, OceanLotus has been observed mainly targeting government and corporate entities in Southeast Asia. Earlier this year, the group engaged in COVID-19 espionage attacks targeting China. READ MORE...

Accused email scammers busted in Nigeria for alleged fraud against 50,000 victims

An Interpol-helmed operation led to the arrest of three suspected cybercriminal gang members in Nigeria whose outfit has allegedly targeted victims in more than 150 countries, including schemes that involved offering COVID-19 aid. The sting, announced Wednesday, was part of Operation Falcon, a year-long investigation that teamed with cybersecurity company Group-IB and the Nigeria Police Force. "This group was running a well-established criminal business model," said Craig Jones. READ MORE...


SD-WAN Product Vulnerabilities Allow Hackers to Steer Traffic, Shut Down Networks

Researchers at cybersecurity consulting firm Realmode Labs have identified vulnerabilities in SD-WAN products from Silver Peak, Cisco, Citrix and VMware, including potentially serious flaws that can be exploited to steer traffic or completely shut down an organization's network. Realmode Labs has published four blog posts this month describing the vulnerabilities found by Ariel Tempelhof and Yaar Hahn in SD-WAN solutions from VMware, Cisco, Citrix and Silver Peak, which HP acquired earlier this year. READ MORE...


Baltimore County Public Schools hit by ransomware attack

Baltimore County Public Schools has been hit today by a ransomware attack that led to a systemic shutdown of its network due to the number of systems impacted in the attack. The Baltimore County school district manages all public schools in Baltimore County, Maryland, and is the 25th largest U.S. school system. Mychael Dickerson, the district's Chief of Staff, confirmed that the attack affected the public school district's offices, website, email system, and grading system. READ MORE...

On This Date

  • ...in 1835, author Samuel Langhorne Clemens, better known by his pen name Mark Twain, is born in Missouri.
  • ...in 1955, actor Kevin Conroy, the voice of Batman in the classic 1990s "Batman: The Animated Series", is born in Westbury, NY.
  • ...in 1982, Michael Jackson's "Thriller", the best-selling album of all time, is released.
  • ...in 1995, Operation Desert Storm officially ends, more than four years after the end of its six-week combat phase in January/February 1991.