Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about a ransomware group that walked away with 2,200 Bitcoin: More than $33 million based on the current Bitcoin exchange rate. Also, read about this month’s Patch Tuesday security updates from Microsoft, including patches for 112 vulnerabilities.
Read on:
Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Microsoft’s November Patch Tuesday roundup of security fixes tackled an unusually large crop of remote code execution (RCE) bugs. Twelve of Microsoft’s 17 critical patches were tied to RCE bugs. In all, 112 vulnerabilities were patched by Microsoft, with 93 rated important, and two rated low in severity. In this article, ZDI’s Dustin Childs shares his thoughts on Microsoft’s removal of descriptions from CVE overviews.
An Old Joker’s New Tricks: Using Github to Hide Its Payload
Trend Micro detected a new Joker malware version on a sample on Google Play, which utilizes Github pages and repositories in an attempt to evade detection. The app promised wallpapers in HD and 4K quality and was downloaded over a thousand times before it was removed from the Play Store by Google after being reported as malicious.
NETGEAR Router, WD NAS Device Hacked on First Day of Pwn2Own Tokyo 2020
Due to the coronavirus pandemic, this year’s Pwn2Own Tokyo was turned into a virtual event coordinated by ZDI from Toronto, Canada. On the first day of the event, the NETGEAR Nighthawk R7800 router, Western Digital My Cloud Pro series PR4100 NSA device and Samsung Smart TV were targeted and $50,000 was awarded among teams STARLabs, Trapa Security and Team Flashback.
Developing Story: COVID-19 Used in Malicious Campaigns
As the number of those afflicted with COVID-19 continues to surge by thousands, malicious campaigns that use the disease as a lure likewise increase. In this report, Trend Micro researchers share samples on COVID-19 related malicious campaigns. The report also includes detections from other researchers.
IoT Security is a Mess. These Guidelines Could Help Fix That
The supply chain around the Internet of Things (IoT) has become the weak link in cybersecurity, potentially leaving organizations open to cyberattacks via vulnerabilities they’re not aware of. However, new guidelines from the European Union Agency for Cybersecurity (ENISA) aims to ensure that security forms part of the entire lifespan of IoT product development.
US Department of Energy Launches New Program for Technology Security Managers
The US Department of Energy (DOE) recently launched the Operational Technology (OT) Defender Fellowship. Another milestone from the Department in enhancing the US’s critical infrastructure. In collaboration with DOE’s Idaho National Laboratory (INL) and the Foundation for Defense of Democracies’ (FDD) Center for Cyber and Technology Innovation (CTTI), the OT Defender Fellowship hopes to expand the knowledge of primary US front-line critical infrastructure defenders.
Ransomware Gang is Raking in Tens of Millions of Dollars
A ransomware organization has raked in tens of millions of dollars, according to a new report. The organization, identified as group “One,” walked away with 2,200 Bitcoin, according to a report by Advanced Intelligence. That’s more than $33 million based on the current Bitcoin exchange rate.
CISA Braces for 5G with New Strategy, Initiatives
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released its 5G Strategy, ensuring the federal government and its many states, local, tribal, territorial, and private sector partners are secure as when the 5G technology arrives. The agency’s document hoped to expand on how the US government would secure 5G infrastructure both in the country and abroad.
Hacker-for-Hire Group Targeting South Asian Organizations
There’s a new cyber mercenary group on the block, and they’re going after targets in more than a dozen countries globally, according to a BlackBerry research report. The hack-for-hire shop, which BlackBerry is calling “CostaRicto,” has largely gone after targets in South Asia, especially in India, Bangladesh and Singapore. Some of its targeting was also located in Africa, the Americas, Australia and Europe.
Defense in Depth, Layered Security in the Cloud
In this blog, Trend Micro’s vice president of cybersecurity, Greg Young, discusses the evolution of network security into how it manifests itself today, how network security has looked up until now, how the future of network security looks and why security teams need layered protection in the cloud.
Surprised by Microsoft’s decision to remove the description section from Patch Tuesday bulletins? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
