Cyber Security Update

May / June 2020

Cyber Security Update

Cyber Security Update - May / June 2020

SoftwareONE believes there is a need for additional information when it comes to cybersecurity, as organizations have made it clear that investment in a proper security strategy is paramount. SoftwareONE’s monthly Cyber Threat Bulletin provides updates on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Stay Ahead Of Cyber Threats – May / June Bulletin

Again, more than 73 million user records stolen from a number of online business services were offered for sale on the dark web by hacker group ShinyHunters. And this is only the beginning. Where only one or two years back, criminals seemed to be more interested in individual servers the interest seems to shift today towards enterprise networks access. "Access for sale" on the dark web is a generic term, referring to software, exploits, credentials, or anything else that allows illicitly controlling one or more remote computers. Successfully hacking a website, web server, database, or workstation means that the attacker has access. This access can be transferred or sold to third parties.

With so many employees currently working from home hackers are looking for different security lapses on the network perimeter, such as an unprotected web application, outdated software, or incorrectly configured servers with a weak administrator password. The larger the hacked company is, and the higher the obtained privileges, the more profitable the attack becomes.

Dramatic Rise in Dark Web Offers

This is underpinned by a new research conducted by PT Security: The first quarter of 2020 saw a dramatic rise in dark web offers to sell access to enterprise networks, with the number of posts advertising access up 69%. In contrast, Q1 2019 saw more interest in selling and buying access to individual servers. According to another release coming from TrendMicro popular items now sold on the darknet are pandemic-themed phishing, malware, and exploits. For Q1 2020 the organization counted 907,000 spam messages being sent and detected 737 variations of malware placed with the purpose to bypass security settings. Compared with other nations the United States are found to be the top target for spam, malware detections and users accessing malicious URLs.

Always Be Aware of Cyberattacks

A solid cybersecurity strategy is not a one-time shot and requires continuous monitoring, adjusting and updating. Successfully mastering an attack in the past, for example, does not necessarily prevent your business from further harm. An Australian-based company for international delivery and freight forwarding solutions, Toll Group, for instance recently suffered a ransomware attack for the second time in only four months. Although there was no evidence that any data has been extracted from their networks Toll Group had to take down certain IT systems for a longer period. The attack itself came from Nefilim - a relatively new ransomware variant that uses exposed Remote Desktop Protocol (RDP) connections for infection.

  • Cyber-Threats, Ransomware, Cyber-Attacks, Cyber-Crime

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment


Bala Sathunathan

Bala Sethunathan

Director, Security Practice & CISO


Related Articles

Cloud Workload Security: Should You Worry About It?

Cloud Workload Security: Should You Worry About It?

We’re breaking down how cloud workload security works, the common risks associated with cloud workloads, and steps to ensure the security of your cloud workload.

  • 18 March 2021
  • Bala Sethunathan
  • Managed Security

How to Prevent Cyber Attacks through Penetration Testing

Penetration testing imitates a cyberattack to help assess security measures - and new advances in automation are changing the game. Learn more.

5 Tips to Engage Your Audience in Presentations
  • 26 November 2020
  • User Productivity
  • Microsoft 365, Teams, Collaboration

5 Tips for Remote Presentations

In remote presentations, you’re not only competing for the audience's attention, but also missing their nonverbal clues. Here are 5 tips on how to deal with it.