CyberSec Roundup
A synopsis of the latest Cybersecurity News
Ransomware Extortion Payments Decline
In the 3rd quarter of 2020, Coveware reported that ransomware payments had increased, mainly due to attackers targeting public sector organizations that were more willing to pay up. However, those payments have decreased in the 4th quarter of 2020 to $49,000 from an average of $154,000. The decline appears to stem from victims realizing that ransomware groups cannot be trusted not to release their information, even if they are paid. Some victims have also realized that their encrypted data was deleted even after they paid for the decryption key. Hopefully this trend of decreased rewards for cyber extortion continues.
Plex Systems Hijacked for DDoS attacks
Plex is a streaming platform that allows users to stream their media libraries within their own home network or externally to other trusted friends over the internet. However, NETSCOUT disclosed that Plex servers which are exposed to the internet could be unwittingly used for DDoS attacks. It has been estimated that 37,000 Plex servers could be abused for this type of attack. Plex is currently working on a patch for the issue, and maintains that an attacker can’t use the vulnerability to compromise the Plex user’s device security or privacy.
Office 365 Phishing Attacks on the rise
Microsoft indicated that there has been an increase in phishing attacks using malicious Office 365 OAuth apps. A legitimate Office 365 OAuth app is used to grant access to your Office account to another app or entity that you trust. Attackers are fooling users by impersonating organizations that the users would trust via email, and getting them to click on malicious OAuth URLs to access a document. Microsoft has advised organizations to protect their remote workers by educating them on the dangers of this type of consent phishing.
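A defender-side triage of links pulled from reported emails, as an added example that is not part of the original article: it parses a Microsoft sign-in URL, extracts the requesting app ID and the permissions it asks for, and flags unapproved apps requesting broad access. The approved-app ID, the high-risk scope list, the host list and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: hosts that serve the Microsoft sign-in and consent prompt.
AUTH_HOSTS = {"login.microsoftonline.com", "login.windows.net"}
# Assumption: delegated permissions treated as high risk in this example.
HIGH_RISK = {"mail.read", "mail.readwrite", "mail.send", "files.read.all",
             "files.readwrite.all", "contacts.read", "offline_access"}
# Hypothetical allow-list of application (client) IDs approved by the organization.
APPROVED_APPS = {"11111111-2222-3333-4444-555555555555"}

def triage_consent_link(url):
    """Return None if url is not an OAuth authorization request, else a finding."""
    parts = urlsplit(url)
    path = parts.path.lower()
    if (parts.hostname or "").lower() not in AUTH_HOSTS:
        return None
    if "/oauth2/" not in path or not path.rstrip("/").endswith("/authorize"):
        return None
    # Parameter names are compared case-insensitively; first value wins.
    query = {k.lower(): v[0] for k, v in parse_qs(parts.query).items()}
    client_id = query.get("client_id", "").lower()
    # Scopes may be bare ("Mail.Read") or prefixed with a resource URI.
    scopes = query.get("scope", "").split()
    risky = sorted(s for s in set(scopes)
                   if s.rsplit("/", 1)[-1].lower() in HIGH_RISK)
    if client_id in APPROVED_APPS:
        verdict = "approved"
    elif risky:
        verdict = "block"      # unknown app asking for mail, files or long-lived access
    else:
        verdict = "review"     # unknown app, low-privilege request
    return {"client_id": client_id, "risky_scopes": risky, "verdict": verdict,
            "redirect_host": urlsplit(query.get("redirect_uri", "")).hostname}

# Constructed sample links (not taken from any real campaign).
SAMPLE_UNKNOWN_APP = (
    "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
    "?client_id=aaaaaaaa-0000-0000-0000-000000000000&response_type=code"
    "&redirect_uri=https%3A%2F%2Fdocs-share.example%2Fcallback"
    "&scope=Mail.Read%20Files.ReadWrite.All%20offline_access")
SAMPLE_APPROVED_APP = (
    "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
    "?client_id=11111111-2222-3333-4444-555555555555&scope=User.Read")

if __name__ == "__main__":
    for link in (SAMPLE_UNKNOWN_APP, SAMPLE_APPROVED_APP, "https://example.com/doc"):
        print(triage_consent_link(link))
```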
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker