Daily Archive January 17, 2020

BySubham Paul

CF BYTES – Issue #1

The last fortnight saw a series of events that rattled the world of cybersecurity. Individuals and enterprises have been exposed to several attacks from cybercriminals and have pulled up their socks to upgrade their security and risk management mechanisms. Parallelly, there have been significant developments in this field which further show that there is a huge potential when it comes to making advancements in cybersecurity. This edition of CF Bytes brings to you some of the biggest such instances in this edition which occurred in the aforementioned timeframe.

Top 5 cyberattacks

  1. Travelex suffered a massive Sodinokibi virus attack this New Year’s Eve, following which its key systems were crippled and effects were observed in the 30 countries where it is operational. The entire finance industry has been warned after this incident[1].
  2. The city of Las Vegas was attacked by hackers on the opening day of CES 2020. The security team took the situation under control and averted a possible digital catastrophe[2].
  3. Picanol suffered a ransomware attack that halted its production in Ypres, affected its Chinese and Romanian sites and saw its shares getting suspended on the Brussels Stock Exchange[3].
  4. 122 Chinese nationals were arrested in Nepal and deported. They were suspected of operating cyber fraud on a large scale in Kathmandu. Amongst the seized items were 331 laptops, nearly 100 desktop computers, more than 700 mobile phones, and numerous pen drives and SIM cards[4].
  5. The Cyber Crime police wing of Cyberabad arrested four fraudsters who used bulk SMS services, fake websites and other methods using the data of popular telemarketing and e-commerce companies. Police seized 2 laptops, 12 mobile phones, fake documents (including PAN, Aadhar and Voter ID), 4 debit cards, 19 sim cards, and a car[5].

Top 5 cybersecurity developments

  1. Alipay launched a new platform to bolster security measures to strengthen risk detection for its global partners in the wake of rising financial fraud and threats to data security[6].
  2. STEALTHbits Technologies, Inc. released its latest real-time Active Directory policy enforcement solution called StealthINTERCEPT 7.0 which can detect failed authentication instances to aid security administrators and analysts in detecting suspicious activities like password spraying attempts[7].
  3. U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a free tool using which organizations can test if their systems are exposed to CVE-2019-19781, a serious unpatched Citrix vulnerability which can allow attackers to run commands and access files on the victim’s computer[8].
  4. NSA disclosed a serious bug in Windows 10’s mechanism to confirm software legitimacy or establish secure web connections that could have exposed vulnerabilities to malware and similar attacks in close to 900 million PCs worldwide[9].
  5. Intezer, a New York-based cybersecurity company, launched Intezer Protect. This is a runtime cloud security product, which creates alerts on detecting unauthorized access and malicious software by continuously monitoring the binary code running inside the cloud servers of an organization[10].

Stay tuned to CF Bytes for more periodical updates on cyberattacks and developments in the ever-evolving world of cybersecurity.

References

  1. https://www.assetfinanceinternational.com/index.php/digitalisation/wcg-blog/19023-finance-industry-warned-to-take-action-after-travelex-cyber-attack
  2. https://www.cnet.com/news/las-vegas-hit-by-cyberattack-as-it-hosts-ces/
  3. https://www.brusselstimes.com/news-contents/economic/89253/cyber-attack-sees-picanol-shares-suspended/
  4. https://www.japantimes.co.jp/news/2020/01/09/asia-pacific/crime-legal-asia-pacific/nepal-deports-122-chinese-nationals-linked-cyber-fraud/#.Xh8NzsgzZPY
  5. https://www.aninews.in/news/national/general-news/cyber-crime-wing-of-cyberabad-busts-online-fraud-ring-4-arrested20200105025512/
  6. https://technode.com/2020/01/10/alipay-launches-security-platform-for-global-payment-partners/
  7. https://www.businesswire.com/news/home/20200114005134/en/STEALTHbits-Offers-New-Capabilities-Strengthen-Enterprise-Passwords
  8. https://www.forbes.com/sites/kateoflahertyuk/2020/01/14/new-citrix-security-alert-us-government-issues-test-tool-for-serious-flaw/#362560d62865
  9. https://www.wired.com/story/nsa-windows-10-vulnerability-disclosure/
  10. https://www.prnewswire.co.uk/news-releases/intezer-launches-cloud-security-product-intezer-protect-leveraging-genetic-malware-analysis-technology-814602889.html
Social media & sharing icons powered by UltimatelySocial