Earlier this month, Microsoft threat analysts released an alert in a blog post warning organisations of a new attack vector being used to deploy malware.
New ‘Copyright’ Phishing Scam Uses Website Contact Forms
Thousands of Organisations Compromised by ‘Hafnium’ Email Hack
As the saying goes, there’s no rest for the wicked. Just a few months after behemoth IT management solutions provider SolarWinds was the victim of a major cyber attack, IT professionals across the globe are scrambling to patch their Exchange servers against a new zero-day exploit.
Earlier this month, it was announced that hundreds of thousands of organisations (at least 30,000 in the US alone) had potentially been compromised by a group called Hafnium, who are based out of China and believed to be state-sponsored.
Many SolarWinds Customers Still Exposed Online, Despite Well-Publicised Breach
IT management software giant Solarwinds were the victims of what is believed to be one of the largest cyber attacks yet late last year, sending shivers down the spine of much of the tech world. The attack breached SolarWinds monitoring tool Orion, which allowed the hackers to deliver malicious updates to unsuspecting users of the tool for several months.
Now, two months after the breach was discovered, an alarming number of SolarWinds customers still have vulnerable Orion servers exposed to the internet.
More Than Half of Major Cyber Incidents in 2020 Involved Ransomware
With 2020 coming to an end, after what felt like an eternity to many, cybersecurity & technology firm CrowdStrike have released their annual ‘Cyber Front Lines’ incident-analysis report, and it contains much food for thought. One of the more striking figures is that more than half of the cyber attacks they investigated involved ransomware; a form of malware which encrypts any files it can find until a ‘ransom’ is paid. Ransomware attacks are known to be extremely destructive, spreading quickly through networks and shutting down critical operations as they go.
Financially-motivated attacks in general, the majority of which were ransomware-based, made up 63% of the more than 200 incidents they responded to, demonstrating that the file-encrypting malware is big business for cyber criminals, and not going away any time soon.
BA Ends up With £20 Million Fine for 2018 Data Breach
British Airways now hold the dubious honour of receiving the highest data protection fine that the UK has ever seen, after the Information Commissioner’s Office (ICO) handed down a record-breaking £20 million fine. The fine could have been much heftier, however, as the ICO fine was originally slated at well over £150 million. BA negotiated to have to fine reduced on the back of several factors, including how the Covid-19 pandemic has affected their industry and business and the conduction of a more thorough review on how the 2018 incident occurred from a technical standpoint.
