Threats and Risks
Russian cyber actors are targeting national parliaments and ministries of foreign affairs, US agencies warn
Hackers used ComRAT and Zebrocy malware in these attacks
Cyber actors are attempting to exploit Windows Zerologon and Oracle security flaws, researchers warn
The vulnerabilities have already been addressed but many systems remain unpatched
US hospitals under 'imminent threat' of ransomware attack, say CISA and the FBI
'Brazen, heartless and disruptive threat actors' deliberately targeting health facilities during the pandemic
US federal agencies warn organisations of global hacking campaign by North Korean Kimsuky group
The group is specifically interested in gaining intelligence on issues related to the Korean peninsula
US blacklists Russian research institute over dangerous Triton malware
The malware was used to target a petrochemical facility in the Saudi Arabia in 2017
Russian APT group 'Energetic Bear' attacking state and local networks
There's no evidence to suggest that the group has been able to compromise the integrity of elections data
Iran is sending emails to intimidate voters, US officials claim
The message warns recipients with consequences if they don't vote for Trump in 2020 Presidential Election
NSA details top 25 vulnerabilities to patch immediately
The NSA says Chinese state-sponsored hackers are actively exploiting these bugs in the wild
Microsoft addresses RCE bugs in Windows Codecs Library and Visual Studio Code
CISA is advising users and admins to patch their systems as soon as possible
Emotet malware using fake Windows Update templates
The templates trick users into enabling malicious macros in Office documents
Adobe fixes two critical bugs impacting its Magento e-commerce platform
The company is advising users to update their installation to the newest version as soon as possible
Hackers posing as notorious APT groups threaten organisations with DDoS attacks
The new and unidentified hacking group is masquerading as other, infamous groups to convince firms to pay its ransom demands
Microsoft patches 87 vulnerabilities in October 2020 Patch Tuesday update
Twelve of them are listed as 'Critical'
Microsoft leads offensive against TrickBot infrastucture ahead of US election day
The US government and cyber security experts see ransomware attacks as one of the biggest threats to the upcoming elections
Russian-speaking hackers use 'MontysThree' toolset on industrial targets
The attacks have been ongoing since 2018
Kaspersky uncovers second-ever UEFI-based malware attacks
Because UEFI lives within a flash memory chip, any malware injected into it can survive reboots, formats and OS reinstalls
Iranian APT group actively exploiting ZeroLogon vulnerability
Microsoft is again urging IT admins to patch their systems to protect data from hackers
Curbing the rise of fake domains and misinformation campaigns
A failure to curb the growing problem of misinformation could have serious repercussions for the Internet and for society as a whole
Ransomware incidents 'appeared to explode' in June: IBM
The number of ransomware attacks in the second quarter of 2020 was around three times higher than in Q1
Over 247,000 Microsoft Exchange Servers remain unpatched for serious RCE bug
The CVE-2020-0688 flaw is being actively exploited in the wild, US federal agencies warned earlier this month
Windows XP source code leaked online
The source, going by the name billgates3, claimed that the source code has been circulating privately for many years
Attackers are actively exploiting Zerologon Windows vulnerability, Microsoft warns
The flaw could allow an attacker with a foothold on the local network to instantly become a Domain Admin
Six per cent of Google Cloud buckets are misconfigured and vulnerable to unauthorised access, research reveals
Finding exposed cloud databases on internet is not a difficult job, according to researchers
Owned by the C-suite: a new approach to security is needed as cyber risks multiply
Post-Covid-19, security is no longer an ‘IT issue’ – it’s a C-suite item and a fundamental strategic priority
