Cyber Defense eMagazine October Edition for 2021

More documents

Recommendations

Info

The Top 6 Cyber Attacks Of 2021 So Far By Nicole Allen, Marketing Executive, Salt Communications. Cyberattacks have been on the rise for years, and the trend shows no signs of slowing down. To add salt (no pun intended) to the wound, the COVID-19 pandemic has just made matters worse when it comes to cybersecurity. Those hoping for reprieve from the growing menace of cybercrime in 2021 will be disappointed, as the number of attacks continues to rise day by day. Having completed the first half of 2021, already there have been many major cyberattacks that have made headlines throughout the world. We have detailed six of the most significant cyberattacks that occurred in the first half of 2021: #1 CNA Financial CNA Financial, one of the US’s top insurance companies, was struck by a "sophisticated cybersecurity attack" on March 21, 2021. The company's employee and customer services were disrupted for three days as a result of the cyberattack, which forced the company to shut down "out of an abundance of caution" to prevent additional compromise. An attack like this, according to Joshua Motta, CEO of security firm Coalition, is a "horror scenario" that might result in a hacker gaining access to cyber insurance policyholder data. This information would provide a hacker with precise knowledge on how much money policyholders are willing to pay out in the event of a future assault. Typically, ransomware hackers must make educated predictions about how much a firm can pay to regain access to its data, and a company can always claim that it lacks the funds — a valuable negotiating chip for the victim. That bargaining chip would be gone with CNA's insurance data, with hackers having the ability to launch far more effective attacks. Cyber Defense eMagazine – October 2021 Edition 34 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
#2 Florida’s water system A hacker gained unauthorised access to the system controlling a 15,000-person Florida city's water treatment plant and attempted to contaminate the water supply with a caustic chemical, exposing a threat cybersecurity experts say has grown as systems have become more computerised and accessible via the internet. The hacker who used a remote access application shared by plant personnel to enter the system at the city of Oldsmar's water treatment plant temporarily boosted the amount of sodium hydroxide by a factor of one hundred (from 100 parts per million to 11,100 parts per million). #3 Microsoft Exchange mass cyber attack Microsoft's popular Exchange mail server service for businesses has been found to have had several zero-day vulnerabilities. After learning about vulnerabilities, highly-skilled bad actors identified as the Hafnium gang from China actively attacked four zero-day vulnerabilities in Exchange Server, affecting millions of Microsoft clients across the world. Cybercriminals used security flaws to construct a backdoor into Microsoft's corporate clients' networks, allowing them to inject malware, ransomware, steal patented technical documents, trade secrets, and other sensitive data. Using the ProxyLogon vulnerability, ransomware rushed in and started compromising Microsoft Exchange servers. On the evening of March 9th 2021, BleepingComputer reported on a new piece of file-encrypting malware named DearCry being used in attacks on Exchange servers. #4 Airplane Manufacturer Bombardier Bombardier, a well-known Canadian jet manufacturer, experienced a data breach in February 2021. The hack exposed the confidential information of suppliers, customers, and approximately 130 Costa Rican employees. An unauthorised individual had gained access to the data by exploiting a weakness in a thirdparty file-transfer application, according to the inquiry. The stolen information was then leaked onto a site which was operated by the Clop ransomware gang. The faulty software, although not named by Bombardier, has been widely reported as being the Accellion FTA package. Since the attack on the New Zealand central bank in December 2020, attackers have been targeting Accellion clients. Some of those targeted, however, discover that stolen material is being transferred to a dark web site in an apparent attempt to extort money from the companies. The site has previously been exploited by the Clop ransomware gang in double-dip extortion attempts, according to FireEye. Cyber Defense eMagazine – October 2021 Edition 35 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2: The Top 6 Cyber Attacks Of 2021 So
Page 3 and 4: Protecting SMBs from Current Cybers
Page 5 and 6: @CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8: Cyber Defense eMagazine - October 2
Page 33: Cyber Defense eMagazine - October 2
Page 37 and 38: Raise Cyber Security Awareness: Whe
Page 39 and 40: Source Code Protection Market Do we
Page 41 and 42: of script administration, no backup
Page 43 and 44: to steal “the keys to the kingdom
Page 45 and 46: Part 1 - Using a Proxy Server - BUR
Page 47 and 48: Below we have an example of interce
Page 49 and 50: Having the device UUID and being co
Page 51 and 52: In the second part, we demonstrate
Page 53 and 54: Currently, we are bound to use tech
Page 55 and 56: You can be a hacker too! Remember,
Page 57 and 58: The Brutal Reality of Brute Force A
Page 59 and 60: Multi-factor authentication is one
Page 61 and 62: Why outdated software poses cyberse
Page 63 and 64: About the Author Roman Davydov is a
Page 65 and 66: What data security risks do communi
Page 67 and 68: Is the Edge Really Secure? By Cheta
Page 69 and 70: Or, let’s spend some time discuss
Page 71 and 72: accessible. Different agencies have
Page 73 and 74: Making Sure the Lights Don’t Go O
Page 75 and 76: Gösgen’s IT Security Officer, Fr
Page 77 and 78: MFA works a few different ways, but
Page 79 and 80: Get Ahead of the Game: Packet Captu
Page 81 and 82: investigations and the ability to t
Page 83 and 84: Thousands of Fortinet VPN Account C
Page 85 and 86:
and operating costs. FIDO2 is the s
Page 87 and 88:
As ports have been steadily ramping
Page 89 and 90:
About the Author Working at the int
Page 91 and 92:
Today’s Threat Landscape The 2021
Page 93 and 94:
Thwarting Today’s Phishing Attack
Page 95 and 96:
Security is Everyone’s Job Employ
Page 97 and 98:
CapitalOne data breach occurred as
Page 99 and 100:
About eSentire eSentire Inc., is th
Page 101 and 102:
Complying with regulations Security
Page 103:
Cyber Defense eMagazine - October 2
Page 106 and 107:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Free Monthly Cyber Defense eMagazin
Page 117 and 118:
show all

Cyber Defense eMagazine October Edition for 2021

Create successful ePaper yourself

Delete template?

Save as template?