The Briefing – WK46 2020
Curated for business leaders, small business owners and security staffers; The Briefing is a compact summary of noteworthy security stories impacting global business sectors and industries prevalent across the Caribbean Region.
GLOBAL NEWS
FTC Says Zoom Misled Users on Its Security for Meetings:Â
US Federal Trade Commission has proposed that Zoom revise its security practices as part of a settlement proposal. Zoom are accused of retaining cryptographic keys that would allow it to decrypt stored video conference sessions. This is contrary to the impressions of complete security it gave to users during 2020; when it marketed that Zoom calls were encrypted end-to-end.
Apple Patches Three Actively Exploited Vulnerabilities:Â
Apple has released patches for tens of vulnerabilities across its products – three of which are being actively exploited in attacks in the wild. The vulnerabilities discovered by Google’s Project Zero are tracked under CVE-2020-27930 (Remote Code Exploit), CVE-2020-27932 & CVE-2020-2750.
CARIBSOC does not currently have corroborated details of attacked targets of locations.
Russian Hacker Group Continues Stealing Money From Industrial Organisations:Â
A Russian-speaking threat actor has been targeting hundreds of industrial enterprises for more than two years, their main goal being to steal money. A Kaspersky report details the techniques and the migration to more modern methods of deceit.
Hackers Demand $11 Million From Capcom After Ransomware Attack:Â
Cybercriminals who breached the systems of Japanese video game giant Capcom are demanding $11 million in bitcoin after deploying ransomware and stealing vast amounts of data. The hackers used the Ragnar Locker ransomware to steal more than 1 TB of files, including accounting files, banking statements, financial reports, tax documents, intellectual property, proprietary business information, personal information of employees and customers, corporate contracts, emails, private chats, and various other types of information.
CARIBSOC advises organisations to corroborate all data and information as a matter of course when determining impacts to their staff & infrastructure.