top of page
  • Kathleen Maxted

Cyber Weekly Digest - Week #50

Updated: Jan 12, 2021

This week has seen some significant cyber security stories such as the cyber attack on FireEye and the European Medicines Agency. Keep reading to find out about the latest and biggest cyber security stories.

The cybersecurity firm announced on Tuesday that it had become a victim of what seems to be a state-sponsored attack. The attack was described as specifically designed to target FireEye. In response to the attack, FireEye published a list of countermeasures to help the community after it’s Red Team tools were accessed.

In the attack, documents relating to a Covid-19 vaccine were accessed. BioNTech said its regulatory submission was accessed during the attack. The EMA is working on approval of two Covid-19 vaccines, which it expects to conclude within weeks. The cyber-attack was not expected to impact that timeline, BioNTech said. EMA has stated that a full investigation into the attack had been launched.

The National Security Agency believed Russian state-sponsored actors have been exploiting a recently patched VMware vulnerability to steal sensitive information after deploying web shells on vulnerable servers. The NSA is encouraging that mitigation of the vulnerability on affected servers is prioritized. However, the NSA did not name the Russian-backed APT group involved.

Unlike previous months, December has less than 100 security fixes published. Fifty-seven security patches were issued affecting over 10 product and services. More than a third of this month’s patches are classified as remote code execution vulnerabilities.

Randstad has clients and operations in 38 countries, meaning it is one of the largest agencies in the world. This week it became the latest victim of an Egregor ransomware attack. It appears as if the firm managed to escape any significant operational impact, but it has suffered a data breach. The firm has states that relevant regulatory authorities and law enforcement agencies have been notified and that it does not appear as if the attack impacted any third-party systems.



bottom of page