Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.

Post related to: Incident

A threat actor commits a Mimecast certificate

The email management software provider, Mimecast, has reported that one of its issued certificates, intended to authenticate its Mimecast Sync and Recover, Continuity Monitor and IEP (Internal...

References:

mimecast.com

sec.gov

bleepingcomputer.com

zdnet.com

threatpost.com

blogs.masterhacks.net

Tags:

Cyber incident at the NZ Central Bank

The New Zealand Reserve Bank has confirmed a cyber security incident involving its third party file sharing service provider, Accellion, through which confidential data was shared and stored.The...

References:

rbnz.govt.nz

bleepingcomputer.com

nbcnews.com

reuters.com

Tags:

Banking sector

Incident

Information leakage

Data leak confirmed at Sangoma

Sangoma Technologies Corporation, a company dedicated to providing unified communications solutions, also at the service level (UCaaS), and voice over IP (VoIP) and dedicated to the development of...

References:

sangoma.com

bleepingcomputer.com

siliconangle.com

Tags:

Other critical infrastructures

The VPN service known as Safe-Inet is dismantled

The Virtual Private Network (VPN) service, known as Safe-Inet, and preferably used, according to police sources, by cybercriminals worldwide, as it has a robust identity concealment system, was...

References:

europol.europa.eu

infosecurity-magazine.com

genbeta.com

Tags:

Other critical infrastructures

Public administration

Tool

Published a database, property of Ledger

A database of the company Ledger, which is dedicated to hardware cryptocurrency wallets, was published, on 20th of December, on the Raidforum, following unauthorised access.The security incident...

References:

twitter.com

ledger.com

es.ambcrypto.com

bleepingcomputer.com

xataka.com

Tags:

British energy supplier, People's Energy, suffers a security gap

UK energy supplier, People's Energy, has notified an unauthorised third party access to its IT infrastructure, due to a security breach.The incident was detected on 16th of December and it has...

References:

peopleenergy.co.uk

bbc.com

Infosecurity-magazine.com

Tags:

Industrial Control System

Information leakage

Lithuanian government faces cyberattack

Up to 22 websites belonging to the Lithuanian government have been compromised by a specially targeted and planned cyberattack, taking advantage of a security vulnerability in password management...

References:

kam.It

nksc.It

baltictimes.com

infosecurity-magazine.com

Tags:

Public administration

Cyberattack on the European Medicines Agency

The European Medicines Agency (EMA), which is responsible for the evaluation, monitoring and supervision of new medicines introduced into the EU for human and veterinary use, has been reported as...

References:

ema.europa.eu

s3.amazonaws.com

bleepingcomputer.com

derechodelared.com

investors.modernatx.com

ema.europa.eu

Tags:

FireEye Red Team tools have been stolen

FireEye, one of the world's leading cybersecurity companies dedicated to vulnerability analysis and prevention, has reported being the victim of a cyberattack through which its Red Team pentesting...

References:

fireeye.com

github.com

us-cert.cisa.gov

cso.computerworld.es

theverge.com

fireeye.com

sec.gov

incibe-cert.es

microsoft.com

Tags:

Other critical infrastructures

Public administration

Tool

The DarkIRC botnet aims to exploit vulnerable Oracle WebLogic servers

Researchers from Juniper Threat Labs have reported up to 5 types of cyberattacks against more than 3000 exposed Oracle WebLogic servers, including a botnet called DarkIRC.The goal of the...

References:

blogs.juniper.net

incibe-cert.es

bleepingcomputer.com

noticiasseguridad.com

bankinfosecurity.com

Tags:

Industrial Control System

Corporate access

Cybersecurity Highlights

A threat actor commits a Mimecast certificate

Cyber incident at the NZ Central Bank

Data leak confirmed at Sangoma

The VPN service known as Safe-Inet is dismantled

Published a database, property of Ledger

British energy supplier, People's Energy, suffers a security gap

Lithuanian government faces cyberattack

Cyberattack on the European Medicines Agency

FireEye Red Team tools have been stolen

The DarkIRC botnet aims to exploit vulnerable Oracle WebLogic servers

Pages