News – September 2020


  • A Blind Spot in ICS Security: The Protocol Gateway [Part 2] Vulnerability Allowing Stealth Attacks on Industrial Control Systems

    September 14, 2020

    A protocol gateway is a small network device, also called a “protocol converter” or “IoT gateway.” It is similar to an “interpreter” in the digital world, and acts as a communications intermediary between different protocols. As the integration of networks accelerates with IoT, protocol conversion grows increasingly important. However, the security of protocol gateways has not ...

  • Staples discloses data breach exposing customer info

    September 14, 2020

    Giant office retail company Staples informed some of its customers that data related to their orders has been accessed without authorization. Few details are available at the moment. The company has not disclosed the incident publicly and alerted affected customers individually over email. It is important to note that Staples’ main business is selling office supplies and ...

  • Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

    September 14, 2020

    The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. Patches are currently available for all these flaws – and in some cases, have been available for over a ...

  • Fairfax County schools hit by Maze ransomware, student data leaked

    September 12, 2020

    Fairfax County Public Schools (FCPS), the 10th largest school division in the US, was recently hit by ransomware according to an official statement published on Friday evening. The school district is also the largest in the Baltimore-Washington Metropolitan Area and it has a budget of $3.1 billion approved for 2021. FCPS has over 188,000 current students and ...

  • Palo Alto Networks fixes critical flaw in PAN-OS firewall software

    September 11, 2020

    Palo Alto Networks has fixed a new critical vulnerability affecting multiple versions of PAN-OS, the operating system affecting its next-generation firewalls. The issue received the identification number CVE-2020-2040 and has a severity score of 9.8 out of 10 and requires no user interaction. An unauthenticated attacker can exploit it by sending a malicious request to specific ...

  • APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins

    September 11, 2020

    The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. Microsoft researchers have tied APT28 (a.k.a. Strontium, Sofacy or Fancy Bear) to this newly uncovered pattern of O365 activity, which began in April and is ongoing. The attacks have been aimed mainly at U.S. and U.K. organizations ...

  • Force Majeure Leads to Milipol Qatar Postponement Until March 2021

    September 10, 2020

    Organisers of Milipol Qatar, the leading international event for homeland security and civil defence, have announced force majeure has prompted postponement of the event for six months to March 2021. Over recent weeks and months, they have been in constant discussions with key industry authorities and partners to stay abreast of the challenges in the face ...

  • Microsoft confirms Chinese, Iranian, and Russian cyber-attacks on Biden and Trump campaigns

    September 10, 2020

    Microsoft said today that Chinese, Iranian, and Russian state-sponsored hackers had tried to breach email accounts belonging to people associated with the Biden and Trump election campaigns. The “majority of these attacks” were detected and blocked, according to Tom Burt, Corporate Vice President for Customer Security & Trust at Microsoft. Burt disclosed the incidents in a blog ...

  • Expos – safe and sound Poland: The International Defence Industry Exhibition MSPO in Kielce is underway

    September 10, 2020

    Press Release “Can I say what a real privilege it is speaking here today. In the UK we are always impressed by the resilience and the determination of the Polish people (…). It is, therefore, no surprise, even with all the challenges that the world is currently facing, Poland has laid on a first-rate trade show ...

  • An overview of targeted attacks and APTs on Linux

    September 10, 2020

    Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there’s a widely held opinion that Linux is a secure-by-default operating system that isn’t susceptible to malicious code. It’s certainly true that ...

  • Ransomware: Huge rise in attacks this year as cyber criminals hunt bigger pay days

    September 9, 2020

    There’s been a huge increase in the number of ransomware attacks over the course of 2020, with a seven-fold rise in campaigns compared with just last year alone, according to newly released data from cybersecurity researchers. Ransomware attacks have been on the rise and getting more dangerous in recent years, with cyber criminals aiming to encrypt ...

  • Strategic investment to secure smart factories

    September 9, 2020

    Security is undergoing a digital transformation in the manufacturing industry. As the fusion of the cyber world and the physical world progresses, various security issues are mounting. Manufacturing executives must view security as a management issue, not as a system issue. Is cyber security a cost or an investment? Trend Micro has published an ebook that focuses ...

  • September Patch Tuesday Updates Exchange, SharePoint

    September 9, 2020

    This month’s update includes 129 updates for the Microsoft Office suite, with 15 specifically addressing SharePoint vulnerabilities. Of the total number, 23 have been rated Critical and 105 as Important. No zero days have been observed, but four vulnerabilities are under close scrutiny for their potential abuse. Specifically, CVE-2020-16875 can be exploited for remote code execution ...

  • City of Hartford postpones first day of school after ransomware attack

    September 8, 2020

    Officials from the city of Hartford, Connecticut, were forced to postpone the first day of the new school calendar year after a ransomware infection impacted the city’s IT network. According to a statement published by Hartford Public Schools, the school district serving the city of Hartford, the ransomware attack impacted several of the school’s internal IT ...

  • Netwalker ransomware hits Pakistan’s largest private power utility

    September 8, 2020

    K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. K-Electric is Pakistan’s largest power supplier, serving 2.5 million customers and employing over 10 thousand people. Starting yesterday, K-Electric customers have been unable to access the online services for their account. To resolve this ...

  • Newcastle University students’ data held to ransom by cyber criminals

    September 8, 2020

    Newcastle University is being held to ransom by cyber criminals in an attack which has been disrupting IT systems since the beginning of the month. The cyber crime group behind the attack – known as DoppelPaymer – previously leaked documents online relating to Elon Musk’s companies SpaceX and Tesla. The criminals have posted stolen files from the ...

  • 2nd International Conference on Central European Critical Infrastructure Protection (ICCECIP 2020) will be held online on November 16-17, 2020

    September 8, 2020

    We are honoured to invite you to participate in the 2nd International Conference on Central European Critical Infrastructure Protection organised by Óbuda University Donát Bánki Faculty of Mechanical and Safety Engineering in Budapest in cooperation with Subotica Tech – College of Applied Sciences, Serbia, University of Žilina Faculty of Security Engineering Department of Technical Sciences ...

  • Exposed Docker Server Abused to Drop Cryptominer, DDoS Bot

    September 8, 2020

    Malicious actors continue to target environments running Docker containers. We recently encountered an attack that drops both a malicious cryptocurrency miner and a distributed denial-of-service (DDoS) bot on a Docker container built using Alpine Linux as its base image. A similar attack was also reported by Trend Micro in May; in that previous attack, threat ...

  • Australia: Data of 186,000 customers leaked in Service NSW cyber attack

    September 7, 2020

    Service NSW has confirmed that the personal data of 186,000 customers and staff were leaked after a cyber attack earlier this year, in which 47 employees had their email accounts compromised. A four-month investigation, which began in April, concluded that roughly 3.8 million documents had to be analysed to assess the severity of any possible breaches. “This ...

  • Chilean bank shuts down all branches following ransomware attack

    September 7, 2020

    BancoEstado, one of Chile’s three biggest banks, was forced to shut down all branches on Monday following a ransomware attack that took place over the weekend. “Our branches will not be operational and will remain closed today,” the bank said in a statement published on its Twitter account on Monday. Details about the attack have not been ...