A week in security (December 14 – December 20)

Last week on Malwarebytes Labs we kept you updated on the SolarWinds attack, we warned about the special dangers that come with the Christmas season, published a threat profile for the Egregor ransomware, warned how a lead generation scam was targeting potential Malwarebytes MSP partners, and talked about smart toy security. We also posted a follow-up about the many ways you can be scammed on Facebook.

A VideoBytes episode spoke about the increase in brute force attacks due to more open RDP ports.

SolarWinds related cybersecurity news:

Several publications dealt with different angles and consequences of the SolarWinds attack:

• Researchers at Prevasio explained how reverse engineering the Domain Generation Algorithm (DGA) revealed the list of victims. (Source: Prevasio blog)
• Experts have begun pointing to concerns about potentially substandard security protocols, like an update server that was accessible with a simple password. (Source: NewsWeek)
• Microsoft confirmed it found compromised SolarWinds code in its systems, but denied that its own software was compromised in a supply-chain attack to infect customers. (Source: Engadget)

Other cybersecurity news:

• The CEO of decentralized finance (DeFi) insurer Nexus Mutual has lost the equivalent of over $8 million in a targeted attack. (Source: Coindesk)
• Researchers found more than 45 million medical imaging files, including X-rays and CT scans, freely accessible on unprotected servers. (Source: betanews)
• The Irish Data Protection Commissioner has announced a €450,000 fine on Twitter for data breaches under GDPR. (Source: Independent.ie)
• A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game, which install a ransomware calling itself CoderWare. (Source: BleepingComputer)
• Five human rights defenders that were victims of NSO Group’s WhatsApp hacking have stepped forward to tell their stories. (Source: AccessNow)
• Researchers have called for a determined path to cybersecurity because issues surrounding governance and a sense of responsibility are preventing mission success. (Source: SecureList)
• A company called Capella Space launched a satellite capable of taking clear radar images of anywhere in the world, even through the walls of some buildings. (Source: Futurism)

Stay safe, everyone!

The post A week in security (December 14 – December 20) appeared first on Malwarebytes Labs.