The most significant ransomware attack in July was the Kaseya attack conducted by the REvil (also known as Sodinokibi) ransomware group. The REvil operators exploited a 0day vulnerability in Kaseya’s VSA servers to bypass authentication measures and perform arbitrary code execution. Notably, this vulnerability had already been privately disclosed to Kaseya, though it remains unclear …
In the first six months of 2021, many countries were experiencing the worst waves of the COVID-19 pandemic and organisations came under increased strain, both from a business standpoint and a cybercriminal one. Critical infrastructure and enterprises were hit by attacks from disruptive ransomware and the opportunistic exploitation of multiple 0day vulnerabilities by state-sponsored APTs. …
COVID-19 Cybersecurity Update Citizens Advice in the UK has warned users not to fall for a new scam campaign that is sending fake messages purportedly from the UK government. The messages can come in the form of calls, text messages, or emails in relation to the new NHS test and trace service. Citizens Advice has …
Geopolitical and Cybersecurity Weekly – 22 June 2020 Read More »
COVID-19 Cybersecurity Update The Financial Times reports that Chinese threat actors are targeting coronavirus research in the United States. This comes at a time of escalating tensions between Washington and Beijing over the pandemic. The FBI and CISA are investigating the “targeting and compromise” of US research groups by China and its affiliates and warned …
Geopolitical and Cybersecurity Weekly – 18 May 2020 Read More »
COVID-19 Cybersecurity Update The government of North Rhine-Westphalia (NRW), a province in western Germany, has reportedly lost between €31.5 million up to €100 million in emergency aid following a COVID-19 phishing campaign. The threat actors behind the campaign created fake copies of the official website used to distribute COVID-19 financial aid by the NRW Ministry …
