
Suspected North Korean hackers targeted COVID vaccine maker AstraZeneca, Chip maker Advantech hit by Conti ransomware gang, and more

Major cybersecurity events on 30th November 2020 (Morning Post): Suspected North Korean hackers targeted COVID vaccine maker AstraZeneca, Chip maker Advantech hit by Conti ransomware gang, Drupal emergency updates fix critical arbitrary PHP code execution.

Round Up of Major Breaches and Scams

Suspected North Korean hackers targeted COVID vaccine maker AstraZeneca

Suspected North Korean hackers have tried to break into the systems of British drug maker AstraZeneca in recent weeks. The hackers posed as recruiters on networking site LinkedIn and WhatsApp to approach AstraZeneca staff with fake job offers. They then sent job descriptions laced with malicious code to gain access to a victim’s computer.

Hackers selling data of 21,000 British motorists on the dark web

Personal information, including driving licence numbers and phone numbers, of 21,000 British motorists has reportedly been stolen by cyber criminals and put up for sale on dark web marketplaces. The hackers obtained the personal records after breaching a web server owned by an insurance company.

Man United Unable to Fully Restore Systems After Cyberattack

Manchester United has been unable to fully restore its computer systems a week after being targeted in a cyberattack. The Premier League club’s staff still did not have access to email, and some other functions were also unavailable.

Phishing lures employees with fake ‘back to work’ internal memos

Scammers are trying to steal email credentials from employees by impersonating their organization’s human resources (HR) department in phishing emails camouflaged as internal ‘back to work’ company memos. These phishing messages have managed to land in thousands of targeted individuals’ mailboxes after bypassing G Suite email defenses.

Crooks stole 800,000€ from ATMs in Italy with Black Box attack

A criminal organization has stolen money from at least 35 ATMs and Post Office cash dispensers operated by Italian banks with a new black box attack technique. The Carabinieri of Monza dismantled the gang, and the Italian law enforcement agency confirmed that the cybercrime organization stole about 800,000€ in just 7 months.

Round Up of Major Malware and Ransomware Incidents

Chip maker Advantech hit by Conti ransomware gang

The Conti ransomware gang infected the systems of industrial automation and Industrial IoT (IIoT) chip maker Advantech and is demanding over $13 million ransom (roughly 750 BTC) to avoid leaking stolen files and to provide a key to restore the encrypted files.

Round Up of Major Vulnerabilities and Patches

Drupal emergency updates fix critical arbitrary PHP code execution

Drupal has released emergency security updates to address a critical vulnerability with known exploits that could allow arbitrary PHP code execution on some CMS versions. The Drupal project uses the PEAR Archive_Tar library, which was recently updated to address CVE-2020-28948 and CVE-2020-28949.

A critical flaw opens industrial automation systems to remote hacking

Experts found a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could allow hacking industrial control systems. Tracked as CVE-2020-25159, the flaw is rated 9.8 out of 10 in severity and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November 21, 2012.