January 2021: Cybersecurity Roundup
This past month in cybersecurity:
- FireEye Released Technical Details Related to SolarWinds
- FBI Seizes NetWalker Ransomware
- Emotet Malware Network Dismantled By Police
- New Zealand Central Bank Suffered Data Breach
- Mimecast Products used to Spy on Customers
FireEye Released Technical Details Related to SolarWinds
FireEye released an update including technical details in a white paper explaining how attacker used access gained through the SolarWinds hack to pivot and attack Microsoft 365.
FireEye also released a tool that allows system administrators to determine if their environment has been compromised.
FBI Seizes NetWalker Ransomware
The US Department of Justice launched a global action against NetWalker “ransomware-as-a-service”. NetWalker ransomware was used to extort tens of millions of dollars from schools, hospitals, law enforcement, government organizations, and more.
In the sweeping offensive against NetWalker, the DOJ seized nearly $500,000 in stolen cryptocurrency, brought charges against a Canadian national, and dismantled NetWalker’s dark web service used to communicate ransomware victims.
Emotet Malware Network Dismantled By Police
Police have dismantled Emotet, the “most dangerous” malware network responsible for stealing nearly $2.5 billion. Six European countries, Canada, and the US coordinated this joint effort to take control of several Internet servers used in the Emotet malware network.
Emotet is a “malware-as-a-service” tool that cybercriminals can use to take control of a victim’s computer and demand payment.
New Zealand Central Bank Suffered Data Breach
The Reserve Bank of New Zealand suffered a data breach and responded with urgency to control the impact.
An attacker illegally accessed the bank’s file sharing service. The bank is still investigating to determine how much data was accessed and the severity of the breach. The bank issued a vague statement saying that the breach “may include some commercially and personally sensitive information.”
Mimecast Products used to Spy on Customers
Mimecast announced that hackers had hijacked its products to spy on customers. Mimecast is a cloud cybersecurity service specializing in Microsoft 365 security solutions. The company said that around 10% of its customers were affected and that the impact had still not been determined.
That’s All Folks
Thanks for reading! We’ll be back next month with a quick roundup of topics we found interesting.
Did we miss a super important story? Let us know! We’ll do better next time.