From Security Weekly Wiki


  1. Ransomware attack takes web hosting provider Managed.com servers offline: Managed.com, one of the world's largest web hosting providers, has disclosed it was forced to shut down its entire web hosting infrastructure after being hit by a ransomware attack on Nov. 16 that also reportedly took down "a small number" of customer websites.
  2. Hacking group exploits ZeroLogon in automotive, industrial attack wave: The "Cicada" (APT10, Stone Panda, Cloud Hopper) advanced persistent threat (APT) group, possibly sponsored by the Chinese government, has been spotted leveraging the "Zerologon" vulnerability (CVE-2020-1472) in a worldwide attack campaign targeting businesses connected to Japan in order to access and exfiltrate sensitive information.
  3. Microsoft fixes Windows Kerberos authentication issues in OOB update: Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers. CVE-2020-17409: low risk, high complexity and high privilege level needed to exploit.
  4. Australian government warns of possible ransomware attacks on health sector: The Australian government has issued a security alert today urging local health sector organizations to check their cyber-security defenses, warning of attacks targeting the health care sector with the "SDBBot" remote access Trojan (RAT), which is a known precursor to "Clop" ransomware infections.
  5. Vertafore data breach exposed data of 27.7 million Texas drivers: Vertafore announced that information of 27.7 million Texas drivers has been exposed in a data breach caused by human error. Vertafore said that an employee inadvertently stored three files containing the PII on an unsecured external storage service that was ultimately accessed by an unknown third party.
  6. More than 200 systems infected by new Chinese APT 'FunnyDream': A new Chinese state-sponsored hacking group, "FunnyDream", has infected more than 200 systems across Southeast Asia. Activity leverages RIGHTSIDE and ENDRANT malware, among others.
  7. Over 80,000 ID Cards and Fingerprint Scans Exposed in Cloud Leak: A misconfigured Amazon S3 bucket belonging to Canoga Park, Calif.-based used electronics reseller TronicsXchange was exposed on the Internet, containing more than 2.6 million files that included victims' personally identifiable information (PII) and biometric images.
  8. Millions of Bumble users put at risk after online dating hack