Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.

Post related to: Internet

Facebook server outage

Facebook, WhatsApp, Instagram and Messenger services were disrupted by a global outage, affecting users in Europe, America and Asia in particular.As Facebook explains in its official statement,...

References:

engineering.fb.com

twitter.com

engineering.fb.com

bleepingcomputer.com

zdnet.com

krebsonsecurity.com

xataka.com

elpais.com

elconfidencial.com

Tags:

DST Root CA X3 certificate has expired

Let’s Encrypt, a non-profit company dedicated to issue SSL certificates, has confirmed that its root certificate, DST Root CA X3, has expired last 30 September, being replacing by the new ISRG Root...

References:

letsencrypt.org

scotthelme.co.uk

techcrunch.com

genbeta.com

eleconomista.com

Tags:

Internet

SSL/TLS

Total disruption of GSS services due to a ransomware

The Spanish and Latin American division of the Covisian Group, GSS, one of the main contact center service providers in Europe, has been victim of a ransomware cyberattack, causing a downfall of...

References:

canaldeisabelsegunda.es

therecord.media

vozpopuli.com

securityaffairs.co

Tags:

Other critical infrastructures

Water treatment

Up to 35 years in prison for running a DDoS service

Matthew Gatrel, 32, has been convicted by a federal jury of conspiracy to commit and unauthorised alteration of a protected computer and conspiracy to commit wire fraud. He faces up to 35 years in...

References:

justice.gov

krebsonsecurity.com

bleepingcomputer.com

Tags:

Cybercrime

Denial of service

Internet

Other critical infrastructures

Public administration

Mēris, a new botnet, breaks DDoS attack record

According to Qrator Labs researchers, a new botnet known as Mēris has appeared, which has a recorded power of 21.8 million of request per second (RPS) so far and is composed of at least 200.000...

References:

blog.qrator.net

bleepingcomputer.com

xataka.com

Tags:

Cybercriminals gained access to UN IT network

Spokesman for United Nations Secretary-General, Stéphane Dujarric, has confirmed a data breach in which cybercriminals gained access to the IT network using stolen credentials related to the Umoja...

References:

un.org

bloomberg.com

europapress.es

Tags:

Microsoft Power Apps put the confidentiality of millions of data at risk

UpGuard researchers have reported a vulnerability that affects Microsoft Power Apps, related to a configuration flaw in ODdata API, which could have exposed online more than 38 million of sensitive...

References:

upguard.com

docs.microsoft.com

unaaldia.hispasec.com

zdnet.com

thehackernews.com

Tags:

Public administration

Vulnerability

Cloudflare recorded the largest DDoS attack so far

Cloudflare's protection systems automatically detected and mitigated the largest DDoS cyberattack ever recorded, which generated 17.2 million HTTP requests per second (rps).Cloudflare notes that...

References:

blog.cloudflare.com

thehackernews.com

bleepingcomputer.com

blogs.masterhacks.net

Tags:

Botnet

Denial of service

Internet

National Police arrest group of people for hackstorsion

The Spanish National Police have arrested 10 cybercriminals for allegedly being responsible for carrying out criminal activities on the Internet and hackstorsion to some 430 victims, after they...

References:

policía.es

lavanguardia.com

diariodeburgos.es

Tags:

Cybercrime

Internet

Public administration

Social networks

Interrupción del servicio DNS de Akamai a nivel global

Akamai Technologies, one of the main provider of content delivery network (CDN) and cloud services, reported a problem with Zone Apex Mapping feature of the Edge DNS service, which resulted in its...

References:

edgedns.status.akamai.com

twitter.com

bleepingcomputer.com

elcomercio.es

lavanguardia.com

Tags:

Other critical infrastructures

Corporate access

Cybersecurity Highlights

Facebook server outage

DST Root CA X3 certificate has expired

Total disruption of GSS services due to a ransomware

Up to 35 years in prison for running a DDoS service

Mēris, a new botnet, breaks DDoS attack record

Cybercriminals gained access to UN IT network

Microsoft Power Apps put the confidentiality of millions of data at risk

Cloudflare recorded the largest DDoS attack so far

National Police arrest group of people for hackstorsion

Interrupción del servicio DNS de Akamai a nivel global

Pages