Tag Archives: IT security

Global ransomware attacks against universities doubled year-on-year in 2020

According to BlueVoyant’s Cybersecurity in higher education report, the number of ransomware attacks against universities increased by 100% year-on-year in 2020. The company compiled data from 2702 universities across 43 countries, covering the period January 2019 to September 2020. It went on to say that average payouts were totaling nearly $450,000.

The company claims that the rise in ransomware attacks against universities was due to them being forced to adopt remote teaching and learning methods. 22% of all analyzed universities and colleges had open or unsecured remote desktop ports (RDPs), and 66% lacked protocols like SPF, DKIM, and DMARC to help guard against phishing. The company said that these are the primary contributing factors. The report also stated that the second most types of attacks were data breaches, which accounted for half of all cyberattacks in 2019.

“This is an industry that has had to rapidly pivot to online learning, changing standard methods of learning, practically overnight. The education sector is also under huge financial and regulatory pressure,” says Jim Rosenthal, the CEO of BlueVoyant. He went on to say that “Threat actors know that there are vulnerabilities to be exploited and they are taking advantage of these vulnerabilities at every opportunity, making it imperative for universities to adopt a solid cybersecurity threat posture to ensure that the wealth of sensitive data is properly defended against adversaries.”

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Microsoft-themed content used as bait for half of credential-swiping phishing attacks

In 2020, half of all phishing emails used Microsoft Office-themed content to lure in unsuspecting victims and swipe their credentials, according to a Tuesday report by Cofense. The company analyzed millions of attack-related emails and concluded that 57% of the mails were phishing emails with the intent to steal credentials, while the rest were used for planting malware in the user’s systems or as business email compromise (BEC) attacks.

Cofense researchers said that 45% of those phishing emails were Microsoft themed as they were banking on the increase in organizations migrating to Office 365. “With the number of organizations migrating to Office 365, targeting these credentials allows the threat actor to gain access to the organization as a legitimate user to go undetected,” the researchers from the company told Threatpost. They further went on to recommend the use of multi-factor authentication (MFA) to secure Microsoft Office logins.

The researchers also said that apart from Microsoft products and solutions that tie-in with Microsoft, other company names have also been used to lure in victims. “Other popular brands we observed asking for credentials were other various cloud hosting services such as Adobe, Dropbox, Box, DocuSign or WeTransfer,” the researchers said.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

VMware patches critical RCE vulnerability that allowed attackers to execute code remotely

VMware has patched up multiple critical remote code execution (RCE) vulnerability in its ESXi, vCenter Server, and Cloud foundation products. The flaw would allow attackers to run codes and affect systems remotely. This vulnerability, tracked as CVE-2021-21972, is critical in severity as it has a CVSS score of 9.8 out of a maximum of 10.

The company said in its advisory that “A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.”

VMware also addressed another vulnerability that allows unauthorized users to send POST requests that allow for further attacks, including the ability to scan the company’s internal network and retrieve data about the open ports of various services. The company provided workarounds for these flaws until the updates can be deployed. The workaround details can be found here.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)