News Today
Financial Times 12/14/20 - US orders emergency action after huge cyber security breach
The US has issued an emergency warning after discovering that “nation-state” hackers hijacked software used by almost all Fortune 500 companies and multiple federal agencies to gain entry to secure IT systems. Hundreds of thousands of organisations around the world use SolarWinds’ Orion platform. The US Department of Homeland Security’s cyber security arm ordered all federal agencies to disconnect from the platform, which is used by IT departments to monitor and manage their networks and systems.
ThreatPost 12/11/20 - Feds: K-12 Cyberattacks Dramatically on the Rise
The feds have warned that cyberattacks on the K-12 education sector are ramping up alarmingly. In an alert from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), officials said that data from the Multi-State Information Sharing and Analysis Center (MS-ISAC) shows that in August and September, 57 percent of ransomware incidents reported to the MS-ISAC involved K-12 schools, compared to just 28 percent of all reported ransomware incidents from January through July.
SCMagazine 12/11/20 - New ransomware campaign exploits weak MySQL credentials to lock thousands of databases
Researchers at Guardicore Labs have uncovered a year-long malware-less ransomware campaign targeting millions of internet-facing MySQL databases. The campaign, named PLEASE_READ_ME by researchers, has been going on since January 2020 and has utilized an “extremely simple” attack chain to carry out at least 92 separate attacks over the past year, with a sharp rise in volume since October.
WIRED 12/11/20 - Hackers Accessed Covid Vaccine Data Through the EU Regulator
Information relating to one of the most promising coronavirus vaccines has been “unlawfully accessed” following a hack on the European regulatory body that’s in the final stages of approving it, the firms jointly developing the vaccine said on Wednesday. The European Medicines Agency based in Amsterdam first disclosed the breach. The statement said only that the EMA had been subject to a cyberattack and that it had begun a joint investigation along with law enforcement.