Cyberthreat update during this pandemic
Cyberthreats have been at an all time high this year during the hard times of COVID-19. It seems that companies are worried and there is basis to stress. To what seems like a protected company, cybersecurity is not a top priority but when looking at what is happening in the world, backup and recovery needs to me a must have. So here is what is happening:
Ransomeware extortion site lunched for leaked data
The Avaddon ransomware group has launched a data leak site and announced it on a Russian language cybercrime forum — making them the latest operation to seriously threaten to steal sensitive data and publicly release it if the victims fail to pay a ransom.
The operators behind Avaddon are actively recruiting new affiliates — attackers who receive a personalized version of the ransomware, tied to a unique affiliate ID, and share profits with the operators whenever a ransom is paid by victims.
With ransomware attacks escalating into data breaches, it’s important to have tools with integrated ransomware protection — like Acronis Cyber Protect — to detect and block modern cyberthreats, keeping your business-critical data private and secure.
TeamViewer vulnerability could leak passwords
The popular remote access tool TeamViewer recently patched a vulnerability in its Windows client that could leak your password to an attacker.
Exploiting this issue, attackers can create malicious websites that use TeamViewer’s specific URI to launch the application and provide it with an SMB path argument, which in turn sends the user’s NTLM password hash to the attacker. Cybercriminals can then brute force the victim’s login credentials and potentially take over their entire system.
This vulnerability has been fixed as of TeamViewer version 15.8.3, and all users are urged to immediately update their client to stay protected online. The vulnerability assessment and patch management features in Acronis Cyber Protect keep you safe by automatically monitoring for, and installing, patches to TeamViewer and other applications.
SANS suffers data breach after phishing attack
The SANS Institute, a cybersecurity training organization, has disclosed a security incident which resulted in 28,000 records of personally identifiable information (PII) being forwarded to an unknown email address. A phishing email was found to be the initial attack vector, compromising just a single employee’s account.
Before the leak was identified, a total of 513 emails were forwarded to an external account. While the majority of these did not contain important data, some did include files with information such as first and last names, phone numbers, email and physical addresses, employers, and industries.
The SANS Institute is renowned for its excellent cybersecurity instructors, training, and certifications. No matter who you are — or how vigilant you tend to be in watching out for phishing scams — breaches can still happen. URL filtering capabilities, such as those in Acronis Cyber Protect, automatically block access to malicious URLs and keep your systems safe.