At Camel Secure we want you to be informed about cybersecurity news that could affect your business. That is why we present you this summary with the most important news of the week:
SOLAR WINDS WAS THE MOST SOPHISTICATED ATTACK IN HISTORY
Brad Smith, Microsoft President, said that the cyberattack against SolarWinds that compromise a series of US agencies was the "largest and most sophisticated attack" ever.
SolarWinds hackers got access to emails at the US Treasury, Justice and Commerce departments, and other agencies.
In an interview on CBS programme 60 minutes,, Smith suggested that about a thousand developers may have took part in the attack rewroting codes.
Smith agreed with the United States government in attributing the incident to an APT linked to Russia.
Despite the fact that the incident compromised about 18 thousand clients of the security firm that used the Orion red monitoring software, there are still several hundred organizations that expose their Orion facilities to the internet, reported the cybersecurity firm RiskRecon.
ANDROID SHAREIT APP BUG MAY CAUSE DATA TO BE STOLEN
SHAREit, an Android app that has been downloaded over a billion times, contains several unpatched vulnerabilities.
Researchers by TrendMicro discovered the vulnerabilities. If exploited correctly, the bug could leak sensitive user data and execute arbitrary code. The vulnerabilities could also lead to an RCE attack with vulnerable devices. The impact of the flaws could be devastating.
India, one of the countries with the most users, has already banned the application. The application is currently present in 200 countries with 1.8 billion users.
Lately, Andorid's threats are increasing. Netlab this month identified a botnet called "Matryosh" and ReversingLabs identified a new variant of Android spyware linked to Iran last December.
NORTH KOREA ACCUSED OF ATTEMPTING TO HACK PFIZER VACCINE
A South Korean member of Parliament reported by South Korean intelligence agencies, claimed that North Korean state-backed actors attempted to steal information about the Covid-19 vaccine.
"There were attempts to steal COVID vaccine and treatment technology during the cyberattacks and Pfizer was hacked," said Ha Tae-Keung, an opposition member of the parliamentary intelligence panel.
The MP did not elaborate on when the attack took place, but it appears to date back several months and involves the use of spoofed login pages for several online web portals.
The pharmaceutical company did not comment on the information.