Cyber Security Update

May / June 2020

Cyber Security Update

Cyber Security Update - May / June 2020

SoftwareONE believes there is a need for additional information when it comes to cybersecurity, as organizations have made it clear that investment in a proper security strategy is paramount. SoftwareONE’s monthly Cyber Threat Bulletin provides updates on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Stay Ahead Of Cyber Threats – May / June Bulletin

Again, more than 73 million user records stolen from a number of online business services were offered for sale on the dark web by hacker group ShinyHunters. And this is only the beginning. Where only one or two years back, criminals seemed to be more interested in individual servers the interest seems to shift today towards enterprise networks access. "Access for sale" on the dark web is a generic term, referring to software, exploits, credentials, or anything else that allows illicitly controlling one or more remote computers. Successfully hacking a website, web server, database, or workstation means that the attacker has access. This access can be transferred or sold to third parties.

With so many employees currently working from home hackers are looking for different security lapses on the network perimeter, such as an unprotected web application, outdated software, or incorrectly configured servers with a weak administrator password. The larger the hacked company is, and the higher the obtained privileges, the more profitable the attack becomes.

Dramatic Rise in Dark Web Offers

This is underpinned by a new research conducted by PT Security: The first quarter of 2020 saw a dramatic rise in dark web offers to sell access to enterprise networks, with the number of posts advertising access up 69%. In contrast, Q1 2019 saw more interest in selling and buying access to individual servers. According to another release coming from TrendMicro popular items now sold on the darknet are pandemic-themed phishing, malware, and exploits. For Q1 2020 the organization counted 907,000 spam messages being sent and detected 737 variations of malware placed with the purpose to bypass security settings. Compared with other nations the United States are found to be the top target for spam, malware detections and users accessing malicious URLs.

Always Be Aware of Cyberattacks

A solid cybersecurity strategy is not a one-time shot and requires continuous monitoring, adjusting and updating. Successfully mastering an attack in the past, for example, does not necessarily prevent your business from further harm. An Australian-based company for international delivery and freight forwarding solutions, Toll Group, for instance recently suffered a ransomware attack for the second time in only four months. Although there was no evidence that any data has been extracted from their networks Toll Group had to take down certain IT systems for a longer period. The attack itself came from Nefilim - a relatively new ransomware variant that uses exposed Remote Desktop Protocol (RDP) connections for infection.

Be Prepared & Protect Your Digital Assets

As you can see there are a couple of attacks you should be aware of and prepared for. While you cannot extinguish all fires at once it’s important to regularly monitor current threats and attacks and prepare your business for any cyberthreat that might arise. We have collected further data breaches, cyber threats and awareness news in our May / June Cyber Threat Bulletin.

Get your copy here and keep yourself up-to-date.

  • Cybersecurity, Cyber Threat Bulletin
  • Cyber Security, Cyber-Threats, Ransomware, Cyber-Attacks, Cyber-Crime

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment

Author

Bala Sathunathan

Bala Sethunathan

Director, Security Practice & CISO

Cybersecurity

Related Articles

security-is-not-privacy-ways-to-keep-personal-data-secure
  • 14 October 2020
  • Bala Sethunathan
  • Managed Security, Cybersecurity User Awareness, Cybersecurity
  • Data Security, Data Backup

Security is Not Privacy: Ways to Keep Personal Data Secure

Organizations must know the difference between data security and privacy, the ways your data could be compromised, and how to keep it secure.

Improve Network Security with VMware NSX

Network Virtualization with VMware NSX

VMware NSX enables firewalls to be implemented even for the smallest segments - and thus considerably increases IT security.

6 Enterprise Email Security Risks
  • 07 October 2020
  • Bala Sethunathan
  • Managed Security, Cybersecurity, Cybersecurity User Awareness
  • Managed Security Services, Spoofing, Vishing, Cyber Security, Cyber Attack

6 Enterprise Email Security Risks

When employees use their email, they could be vulnerable to risks. Read this post to understand what these risks are and how to protect against them.