Blog de Camel Secure

Cyber Summary of the Week

Escrito por Camel Secure | 09-04-2021 9:15:00

At Camel Secure we want you to be informed. That is why we present you this summary with the most important news in cybersecurity of the week

 

533 MILLION FACEBOOK ACCOUNTS PUBLISHED ONLINE

The personal information of 533 million Facebook accounts of users from 106 countries was exposed in a public forum on the internet last weekend. The company pointed out that the incident dates from 2019, but some sites such as Insider and Wired have expressed certain doubts regarding this version.

The uncertainty about what happened generated an echo in the European Union, specifically in Ireland, where the Data Protection Commission of that country (DPC) initiated an investigation into this massive leak of information.

In the 2019 incident, the company reported 419 million leaked data (an old data), which, according to Facebook, was timely reported and the problem was found and fixed in August of that same year.

The DPC is currently examining the matter to determine if the incident known this weekend is the same one reported in 2019.

Because the incident two years ago took place before the implementation of GDPR in Europe, there was no obligation to report the incident.

The main doubts point to the nature of the incident, but also to the universe of affected accounts.

In July 2019, the company agreed with the United States Federal Trade Commission, which requires the company to report security violations.

HACKERS USE OLD FORTINET VULNERABILITIES TO ATTACK GOVERNMENT, COMMERCE AND TECHNOLOGY NETWORKS

The United States Cybersecurity and Infrastructure Security Agency (CISA) and the FBI reported last week on the exploitation of Fortinet FortiOS vulnerabilities by Advanced Persistent Threat (APT) actors.

Actors are exploiting vulnerabilities CVE-2018-13379 , CVE- 2020-12812 and CVE-2019-5591, with the purpose of gaining initial access to multiple government, commercial and technology services, CISA reported.

Fortinet's FortiOS is used by different departments of the United States federal government, as well as large companies to manage their networks. The advisory from both security agencies realizes that some critical organizations have not yet performed the mitigations that are available for several weeks or years.

The call from both agencies was to remedy the situation to avoid cybersecurity incidents.

SCOTLAND ENVIRONMENTAL AGENCY HAS INVESTED 1.1 MILLION DOLLARS IN CLEANING UP RANSOMWARE

The Scottish Environmental Protection Agency (SEPA) has invested 790,000 pounds (1.1 million dollars) to repair the damage caused after a ransomware attack that affected their systems on Christmas 2020.

SEPA, Scotland's main environmental regulator, was attacked last December by a criminal gang called Conti. After they refused to pay the ransomware, Conti has released information on "contracts, strategy papers and databases."

The agency publicly acknowledged the strong impact of the attack and indicated at the end of 2020 that “following the attack, we immediately promulgated our business continuity agreements and took immediate measures to limit the impact of the cyberattack, notifying the relevant authorities, including the Scottish Government, the Scottish Police, the National Cyber ​​Security Center and the Information Commissioner's Office, with whom we continue to work”.

The British network BBC obtained the figures on spending on cleaning up the attack after requesting it under freedom of information laws.