Home / Business Information Security News of the Week, December 18, 2020

Business Information Security News of the Week, December 18, 2020

Posted by Omnistruct Marketing on Dec 18, 2020 5:24:56 PM

Holiday Emails

Top Story for this Week


101 Best Security Startups of 2020

Welp Magazine hosts a yearly startup award honouring the most outstanding entrepreneurs and high-growth businesses in the world. Omnistruct got the #30 of best security startups for 2020! | December 17, 2020


SEC filings: SolarWinds says 18,000 customers were impacted by recent hack

IT software provider SolarWinds downplayed a recent security breach in documents filed with the US Securities and Exchange Commission on Monday. By Catalin Cimpanu | December 14, 2020 



New Known Breaches in the Past Week


KC suburb spent millions on cyber security protections but still got hit by ransomware

About four months ago, the Independence City Council decided to spend more than $4 million to beef up the city’s cybersecurity protections and upgrade the outdated computer network. By Kevin Hardy I Decemebr 12, 2020


Hacked Software Firm SolarWinds' Clients Include Ford, Microsoft, AT&T

A suspected Russia-led cyberattack that reportedly breached several U.S. government agencies seemingly exploited software from Texas-based software company SolarWinds, with malware pushed via booby-trapped updates. By Jason Murdock I December 14, 2020


California Hospital Notifies 67k Patients of Data Breach

A hospital in California has notified 67,000 patients that their personal data may have been exposed in a cyber-attack. By Sarah Coble I December 16, 2020


Ransomware attack causing billing delays for Missouri city

The City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city's services. By Lawrence Abrams I December 15, 2020


Medical scans of millions of patients exposed online

Over 45 million medical imaging files including x-rays and CT scans have been found sitting on internet-facing unprotected servers and accessible for anyone to view. By Amer Owaida I December 15, 2020



General Cybersecurity News 


US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor

State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA), and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. By Ravie Lakshmanan I December 13, 2020


US orders emergency action after huge cyber security breach

The US has issued an emergency warning after discovering that “nation-state” hackers hijacked software used by almost all Fortune 500 companies and multiple federal agencies to gain entry to secure IT systems. By Financial Times I December 14, 2020


Cybersecurity Is National Security: A calling for American business

In today’s complex geopolitical environment, inadequate business cybersecurity has clear and immediate national security implications. Business drivers for cybersecurity include enterprise risk, compliance, service management, operational resilience and cyber hygiene. These must now be supplemented by a deeper understanding of the national security impacts of business in unprotected digital space. By: Vimy Services LLC I December 14, 2020


Giant U.S. Computer Security Breach Exploited Very Common Software

A hacking campaign has gained access to private information from a number of government and industry organizations, including the U.S. Departments of Treasury, Commerce and Homeland Security. By Sophie Bushwick I December 15, 2020


Learn how Omnistruct can help build the right cybersecurity solution!


Small Business Cybersecurity Concerns


The anatomy of a cyberattack on your business

Cybercriminals bank on small businesses being easy targets, and the Covid-19 pandemic has only made it easier for them to wreak havoc, experts say. By Emon Reiser I December 15, 2020



CVE Announcements This Week


PgMiner botnet attacks weakly secured PostgreSQL databases

Security researchers have discovered this week a botnet operation that targets PostgreSQL databases to install a cryptocurrency miner. By Catalin Cimpanu | December 13, 2020


WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack

The SMTP WordPress plugin is installed on more than 500,000 sites, but despite the security patch has been released earlier this week many sites are yet to be patched. By Pierluigi Paganini I December 12, 2020


MountLocker' Ransomware Adds to Affiliate Extortion Racket

BlackBerry researchers are tracking a relatively new ransomware variant called "MountLocker" and the operators behind it, who are using affiliate cybercriminal gangs to help spread the malware, exfiltrate data and extort victims, sometimes for millions of dollars, according to an analysis. By Scott Ferguson I December 12, 2020


Insecure Communication From WinZip 24 Lets Hackers Drop Malware

In the course of searching for WinZip network communications changes, the experts noticed that through the unsecured tcp, the WinZip archiver was vulnerable to many attacks. By granting a rogue “update,” any threat attacker will easily manipulate this. By Mark Funk I December 12, 2020


Hacking group’s new malware abuses Google and Facebook services

Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. By Ionut Ilascu I December 14, 2020



Regulations, Frameworks, and Controls


Bank regulators mull stricter rules for reporting of data breaches

The FDIC is poised to take the first public action on the issue with the agency’s board scheduled to vote Tuesday on a proposed rulemaking dealing with “computer-security incident notification.” By Kevin Wack I December 14, 2020



Would you like to learn more?


Omnistruct Marketing

Omnistruct, 2740 Fulton Avenue #101-02, Sacramento, CA 95821, USA, (866) 683-8827

Unsubscribe                   Manage preferences


Topics: Omnistruct Newsletter