At Camel Secure we want you to be informed. That is why we present you this summary with the most important news in cybersecurity of the week
50,000 ATTEMPTED RANSOMWARE ATTACKS AGAINST EXCHANGE, ACCORDING TO CHECK POINT
Security firm Check Point released a report stating that there was a 57% increase in overall ransomware attacks in the last six months, affecting some 3,868 organizations globally.
The company indicated that ransomware would be rampant and that attacks with the WannaCry worm increased by 53%. This surprised the specialists, since there are still entities that are affected by vulnerabilities from four years ago.
According to the report, in recent weeks the ransomware attacks on Microsoft Exchange servers documented by the company exceeded 50 thousand.
The organizations most affected in this wave of attacks are concentrated in the United States (49%), followed by the United Kingdom (5), the Netherlands (4%) and Germany (4%).
The entities most affected have been governments, military organizations, manufacturing industries, the financial sector and banking.
Microsoft patched the Exchange vulnerabilities in early March, but attackers are still taking advantage of exploiting the vulnerability in organizations that have not taken the respective security measures.
BACKDOOR IN SOURCE CODE COMPROMISES PHP GIT SERVER
Cyber attackers threatened the official PHP GIT server by putting a backdoor in the source code of the programming language.
Nikita Popov, a well-known maintainer and developer of PHP, and one of the identities that the attackers tried to impersonate, reported earlier this week that they still did not know exactly how the incident had occurred, but everything pointed to a compromise of the got.php.net server.
The incident would have been detected in a routine inspection by some of the collaborators. Apparently, the attackers wanted to involve the Zerodium company in the incident.
As a result of the incident, PHP is promoting new security measures for developers who want to contribute to the repository, having to become members and use double factor authentication.
RANSOMWARE REPORTEDLY DISRUPTED AUSTRALIAN TV CHANNEL
Last week the broadcasts of the Australian network TV 9 News were affected by a cyberattack that interrupted its regular broadcast.
Several media in that country reported on the incident, noting that the solution could take several days.
As a direct consequence of the attack, 9 Network had to move its broadcast center from the city of Sydney to Melbourne.
The television network reported that an attack of this nature against a media outlet was unprecedented.
Experts have pointed out that it could be ransomware, although a ransom note was not issued.
This incident is added to a series of attacks that have affected different agencies of the country's government, as well as the parliament.
