TL; DR: Don’t trust even the courier – especially when they send you an odd e-mail

The number of vulnerability victims in enterprise content firewall Accellion is constantly increasing. Most recently, a Canadian airplane maker has been targeted. Hackers also targeted Microsoft’s e-mail accounts, whilst in other case Microsoft quite richly rewarded a security researcher.

A Finnish company also had to disconnect its services and dozens of nurseries in Britain renounced the vulnerable camera system.

Top brands abused

Thousands of users of Microsoft’s e-mail accounts have become a target of an extensive and sophisticated phishing campaign.

Attackers pretend to be from popular mail couriers FedEx and DHL Express and aim to steal their credentials.

They probably weren’t modellers

A Canadian airplane maker Bombardier has become a target of ransomware attack executed by the cybercrime gang Clop. The investigation revealed that the gang could have gained access through zero-day vulnerability in enterprise content firewalli Accellion into hundreds of servers.

The attackers accessed and stole documents related to design of airplanes and their spare parts, and a few of them were already available on dark web. The personal data of clients and employees weren’t allegedly stolen.

Unscheduled pause

A Finnish IT company TietoEVRY, employing 24 thousand people throughout 80 countries, was forced to disconnect clients’ services and to disconnect part of the infrastructure.

The service was disconnected to prevent the spread of a successful ransomware attack. The attacker and the amount of ransom are not yet known.

They probably didn’t access the data

A cloud provider named Qualys has become a target of a cyberattack. The attack probably allowed the attackers to gain access to part of the data and it is possible (not yet confirmed) that this is another attack executed by the Clop ransomware.  

Qualys indicates that the attacker didn’t gain access either to users’ data or to codes and the production environment.

The problem was connected with the password recovery

Microsoft paid 50 thousand American dollars to a security researcher who discovered the vulnerability allowing the takeover of Microsoft account.

The attack was focused on one of the steps of the password recovery process and the condition of vulnerability was that the account hadn’t two-factor authentication enabled.


« Späť na zoznam