The cybersecurity world is continuously changing, which makes following the news more important than ever. Let's take a look to see what happened this week.
1. Sodinokibi, a cyber hacking group responsible for a ton of ransomware attacks this year, have breached a Brazilian based energy company demanding a $14million ransom. Light S.A admitted the intrusion on a local newspaper, and that it resulted in the encryption of all Windows system files. Unfortunately, as reported from AppGate, there is no global decryptor for the ransomware, which means that the private key held by the attackers is required to decrypt the infected files.
2. The darknet threat intelligence firm KELA reported that the hacking group named KelvinSecurity Team is trying to sell a database containing the private information of over 384k BMW car owners. According to the hacking group, the stolen data came from a call centre that manages the customers of various car suppliers.
3. A critical security bug identified in PAN-OS may allow attackers to bypass firewalls and corporate VPN products. The vulnerability named CVE-2020-2021 has received a score of 10/10 on the CVSSv3 scale and can be exploited only when a specific configuration is enabled. Fortunately, a patch has been released fixing this bug with the company urging users to update their systems as soon as possible.
4. Moving on to Microsoft which has been given permission to take control of several malicious domains being used to operate COVID-19 phishing scams. The Microsoft crime Unit located the domains in December 2019 and then noticed that they were used in conjunction with COVID-19 phishing scams. The malicious emails offered a financial bonus as a motive for clicking a malicious link, which then would ask the user to give permissions to a malicious web application. It very important for users to understand how to identify a phishing email to avoid falling victim to one.
5. In other news, Google has announced that its Tsunami vulnerability scanner for large-scale enterprise networks will be open source. Unlike other vulnerability scanners Tsunami was designed to find vulnerabilities in large networks that include hundreds of thousands of endpoints. This decision by Google is something very positive for the cybersecurity world.