Cyber Weekly Digest - Week #20

Updated: May 22, 2020

A busy week for hackers and companies alike, with Microsoft and Adobe both releasing security patches for their products; while ransomware attacks were top of the trends. Let us go and see what happened.


1. Adobe released patches this week to fix thirty-six vulnerabilities in three of its products. The products that received the updates are Adobe Acrobat, Reader and Adobe DNG Software. Interestingly sixteen of the thirty-six vulnerabilities are classified as "Critical". We strongly suggest that if you use either of these products to install the latest updates to protect yourself from potential cyber-attacks.


2. Speaking of patch releases, Microsoft's Patch Tuesday was this week with the company fixing 111 security holes in Windows and Windows-based programs. At least sixteen of those vulnerabilities are classified as "Critical" while the remaining non-critical vulnerabilities are labelled as "Important". As always, it is highly suggested that you install those updates to safeguard your endpoint.


3. Some good news for a change, Black Hat and DEF CON, the two biggest security conferences will be available online this year. In light of the COVID-19 pandemic, the organisers decided to cancel their in-person event and announced plans to go with a virtual conference format.


4. Hackers were reportedly able to compromise a database that belongs to a high profile law firm. The law firm, which has clients like Madonna, Lady Gaga and Robert De Niro, acknowledge the event by saying that they work around the clock to address the situation. The criminals allegedly stole 756 GB of data, including personal emails and contracts, and they demand payment to ensure the "confidentiality" of the information.


5. The British energy system has fallen victim of a cyber-attack this week targetting the IT infrastructure used to run the electricity market. Elexon, the electricity system's administrator, confirmed the event, adding that the electricity supply has not been affected. Even though the nature of the attack has not been revealed, experts believe this is a ransomware incident.


6. The major ATM provider Diebold Nixdorf was also targetted by ransomware this week, with the company stating that the attack did not touch the customer networks or the ATMs but rather affected only the corporate network. As a result, some services were temporarily affected. Fortunately, because of the rapid response of the security team, the malware spread was contained.

9 views