Cybersecurity News of the Week, September 11, 2020 |
|
New Known US Breaches in the Past Week
City of Hartford postpones the first day of school after a ransomware attack. Ransomware attack impacted the IT system that the school district uses to manage school buses and transportation routes. By Catalin Cimpanu for Zero-Day | September 8, 2020 -- 15:19 GMT
Webmaster forum database exposed the data of 800,000 users. A database belonging to the Digital Point webmaster forum leaked the records of over 800,000 users. By Charlie Osborne for Zero-Day | September 7, 2020 -- 13:00 GMT (21:00 SGT)
Data Breach at Roper St. Francis Hospital Affects 6,000 Patients. Roper St. Francis Hospital (RSFH) has reported that 6,000 patients are directly affected by a data breach that allowed attackers to steal their medical records and other personal information. September 5, 2020
Jewish Federation of Greater Washington reports a $7.5 million hacks. The Jewish Federation of Greater Washington reported a hack that drained $7.5 million from its endowment fund and funneled the money into international accounts. By Emily Davies. September 3, 2020 at 5:48 a.m. GMT+8 |
|
World Breaches in the Past Week
Chilean bank shuts down all branches following a ransomware attack. BancoEstado, one of Chile's three biggest banks, was forced to shut down all branches on Monday following a ransomware attack that took place over the weekend. By Catalin Cimpanu for Zero-Day | September 7, 2020 -- 16:31 GMT
Netwalker Ransomware hit Argentina’s official immigration agency. Argentina’s official immigration agency, Dirección Nacional de Migraciones, was hit by a Netwalker ransomware attack that caused the interruption of the border crossing into and out of the country for four hours. September 6, 2020, By Pierluigi Paganini.
Big ransomware attacks overshadowing other alarming trends.Ransomware continues to grow and as companies such as Garmin pay millions to get their data back it gives more incentive to build these bugs. |
|
Small Business Cybersecurity Concerns
Small businesses are more at risk from phishing attacks.Phishing accounts for 90% of all breaches that organizations face, they’ve grown 65% over the last year, and they account for over $12 billion in business losses. By Joel Witts Expert Insights / Jun 01, 2020
Small Business Is Big Target for Ransomware.According to a new survey of senior executives, 46% of all small businesses have been the targets of a ransomware attack. And of those companies that have been hit with a ransomware attack, almost three-quarters (73%) have paid a ransom. April 16, 2020 / Dark Reading Staff
28% of Data Breaches in 2020 Involved Small Businesses.The top patterns criminals are using to attack small businesses are web applications and miscellaneous errors. These represent 70% of the breaches. The threat actors who are perpetrating these crimes come mostly from external sources at 74%. By Michael Guta / May 25, 2020
Insider Threats: A Big Fear for Small Businesses.A recent report finds that more than half (58 percent) of small-to-medium-sized business (SMB) executives are “more concerned about suffering a major data breach than a flood, a fire, a transit strike, or even a physical break-in of their office.” By Pam Baker on March 21, 2019 |
|
CVE Announcements This Week
Microsoft fixes over 110 CVEs again.Microsoft has released patches for 129 CVEs, 23 of which are “critical”, 105 “important”, and one “medium”-risk (a security feature bypass flaw in SQL Server Reporting Services). None of them are publicly known or being actively exploited. Zeljka Zorz, Help Net Security / September 8, 2020
Android's September 2020 Patches Fix Critical System Vulnerabilities.More than 50 flaws are described in the Android Security Bulletin for September 2020: twenty-two as part of the 2020-09-01 security patch level and twenty-nine with the 2020-09-05 security patch level. By Ionut Arghire on September 09, 2020
Google Squashes Critical Android Media Framework Bug.Google patched a critical vulnerability in the Media Framework of its Android operating system, which if exploited could lead to remote code execution attacks on vulnerable devices. By Lindsey O'Donnell on September 9, 2020
Cisco patches critical, wormable RCE flaw in Cisco Jabber.Cisco has patched four vulnerabilities in its Jabber client for Windows, the most critical of which (CVE-2020-3495) could allow attackers to achieve remote code execution by sending specially crafted chat messages. By Zeljka Zorz, Managing Editor, Help Net Security on September 3, 2020 |
|
Sincerely, |
Omnistruct, 2740 Fulton Avenue #101-02, Sacramento, CA 95821, USA, (866) 683-8827 |
Get Social