CyberSec Roundup
A synopsis of the latest Cybersecurity News

Security Conference Targeted

The Iranian based hacking group, Phosphorus, targeted many high-profile attendees of the Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia. Microsoft’s Threat Intelligence Center detected the attack, where spoofed invitation emails were sent to various officials. Given the status of the potential attendees, this was most likely an intelligence gathering exercise.

Energy company ransom

The Netwalker hacking group successfully executed a ransomware attack on the multinational energy company Enel Group. The group added the company to their data leak site and is demanding a $14 million ransom.  Enel was also attacked in June by Snake ransomware, but they managed to contain the malware before it spread.

Healthcare under attack

The Cybersecurity and Infrastructure Security Agency warned American hospitals and healthcare providers that they are actively being targeted in cyberattacks using the Ryuk ransomware. Hospitals in Brooklyn and Vermont were recently attacked by the UNC1878 group. As hospitals are under pressure during the pandemic, ransomware groups are looking to prey on hospitals and pressure them into paying ransoms with peoples’ health at stake

Criminal Enterprise

REvil ransomware group claims to have made over $100 million in profit this year. The group develops the malware and provides it to affiliates who execute the attacks on corporate victims. REvil would set the ransom amount, negotiate and collect the funds from the victims. They then spilt the funds with their affiliates who take 70%-80% of the ransom.

By: David Pinder
IT & Security Consultant
Certified Ethical Hacker