CyberSec Roundup
A synopsis of the Latest Cybersecurity News

CISA Christmas Warning

The Cybersecurity and Infrastructure Security Agency is reminding businesses that cyber criminals are not taking the Christmas holidays off.  They have noticed that attacks are occurring on holidays and weekends when offices are normally closed. The FBI and CISA do not have any intelligence about a specific upcoming attack, but are encouraging businessES to be aware of the elevated holiday threat. Businesses should examine their cybersecurity posture and implement best practices to reduce their risk of being attacked.

IKEA Email System Hack

IKEA’s email system has been compromised and the threat actors are using internal email addresses to circulate phishing emails within the company. The attack is difficult to deal with. since the threat actors are using trusted internal company email addresses, and also replying to existing email threads with the phishing email from these addresses. IKEA has warned employees to be careful when opening internal emails as they work to solve the issue.

Cryptocurrency Mining Hacks

Google disclosed that 86% of recently compromised Google Cloud accounts were used for cryptocurrency mining purposes. In many cases, the compromised Google Cloud accounts were shown to be using very weak passwords and poor security controls. Organizations are urged to use best practices on their cloud accounts to secure their cloud instances and protect themselves from crypto mining malware.  

By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)