News – September 2020


  • CEOs Could Be Held Personally Liable for Cyberattacks that Kill

    September 7, 2020

    A full 75 percent of top brass at companies will be personally on the hook for cyber-physical security (CSP) incidents by 2024 – especially those that involve fatalities. That’s according to the Gartner research firm, which predicted this week that CEOs soon will no longer be able to hide behind their corporate legal teams if things ...

  • France warns of Emotet attacking companies, administration

    September 7, 2020

    The French national cyber-security agency today published an alert warning of a surge in Emotet attacks targeting the private sector and public administration entities throughout the country. French public administration has three sub-sectors: central public administrations (APUC), local government (LUFA), and social security administrations (ASSO). Emotet, originally a run-of-the-mill banking Trojan first spotted in 2014, is now ...

  • Ransomware attack halts Argentinian border crossing for four hours

    September 6, 2020

    Argentina’s official immigration agency, Dirección Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country. While ransomware attacks against cities and local agencies have become all too common, this may be a first known attack against a federal agency that has interrupted a country’s operations. According to a ...

  • FBI issues second alert about ProLock ransomware stealing data

    September 4, 2020

    The FBI issued a second warning this week to alert US companies of ProLock ransomware operators stealing data from compromised networks before encrypting their victims’ systems. The 20200901-001 Private Industry Notification seen by BleepingComputer on September 1st comes after the MI-000125-MW Flash Alert on the same subject issued by the FBI four months ago, on May ...

  • Thanos Ransomware: Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa

    September 4, 2020

    On July 6 and July 9, 2020, we observed files associated with an attack on two state-run organizations in the Middle East and North Africa that ultimately installed and ran a variant of the Thanos ransomware. The Thanos variant created a text file that displayed a ransom message requesting the victim transfer “20,000$” into a ...

  • Cyberthreats for ICS in Energy in Europe. Q1 2020

    September 4, 2020

    Computers in European countries which are used to configure, maintain and control equipment in the energy industry on which Kaspersky products are installed. This includes Windows computers on which various software packages for the energy industry are installed, including but not limited to human-machine interface (HMI), OPC gateway, engineering, control and data acquisition software. Overall, in ...

  • XCSSET Update: Browser Debug Modes, Inactive Ransomware

    September 4, 2020

    In our first blog post that covered XCSSET, we discussed its relatively unique danger to Xcode developers and the way it took advantage of two macOS vulnerabilities to maximize what it can take from an infected machine. Our research into this incident is still ongoing, and in this blog post, we cover some other aspects of ...

  • Digital Education: The cyberrisks of the online classroom

    September 4, 2020

    This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools began to transition to emergency remote learning, it ...

  • For The First Time In Targi Kielce – Patriots On Display

    September 3, 2020

    This year’s International Defence Industry Exhibition is the showcase for the U.S. military presenting the Patriot missile system. Although the year of the pandemic may cause the exhibition to look less impressive than usual, there are still plenty of interesting exhibits and top-level business talks. The United Kingdom Lead Nation Exhibition is an important MSPO 2020 ...

  • CISA and FBI say they have not seen cyber-attacks this year on voter registration databases

    September 2, 2020

    The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation said today that they have not seen any cyber-attacks target US voter registration databases and voting systems this year. The two agencies issued a joint statement today after an article in Russian media had gone viral earlier this morning. The article, published by Russian news ...

  • A Blind Spot in ICS Security: The Protocol Gateway [Part 1] – Importance of the Protocol Gateway

    September 1, 2020

    A protocol gateway is a small network device, also called a “protocol converter” or “IoT gateway.” It is similar to an “interpreter” in the digital word, and acts as a communications intermediary between different protocols. As the integration of networks accelerates with IoT, protocol conversion grows increasingly important. However, the security of protocol gateways has ...

  • Cybersquatting: Attackers Mimicking Domains of Major Brands Including Facebook, Apple, Amazon and Netflix to Scam Consumers

    September 1, 2020

    Users on the internet rely on domain names to find brands, services, professionals and personal websites. Cybercriminals take advantage of the essential role that domain names play on the internet by registering names that appear related to existing domains or brands, with the intent of profiting from user mistakes. This is known as cybersquatting. The ...

  • Commodified Cybercrime Infrastructure – Exploring the Underground Services Market for Cybercriminals

    September 1, 2020

    Beyond standard underground offerings such as malware and exploit kits, cybercriminals also value having a stable hosting infrastructure that underpins all their activities. Such an infrastructure could host malicious content and the necessary components for controlling their operations (e.g., bulletproof hosting that run backend hacker infrastructure or a rented botnet of compromised machines). In many respects, ...

  • The future of financial services in the new Covid-19 world

    September 1, 2020

    City & Financial Global Ltd today announced a media partnership with Cyber Security Review for 10th edition of City Week 2020 – the annual International Financial Services Forum, taking place in virtual format this year. More than 80 high profile speakers, such as John Glen MP, Economic Secretary to the Treasury; Steven Maijoor, Chairman, European Securities ...