Canon publicly confirms August ransomware attack, Sophos notifies customers of data exposure, and more

Round Up of Major Breaches and Scams

Sophos notifies customers of data exposure after database misconfiguration

UK-based cyber-security vendor Sophos is currently notifying customers via email about a security breach the company suffered earlier this week. Exposed information included details such as customer first and last names, email addresses, and phone numbers (if provided).

DDoS Attacks Against Online Retailers Increase Four-Fold During Pandemic

The number of DDoS attacks targeting e-commerce in Europe has increased four-fold over the last eight months. According to research by Stormwall, between February and October 2020, the number of DDoS attacks targeted at online retail services quadrupled compared to the same period last year.

SSH-backdoor Botnet With ‘Research’ Infection Technique

Security expert Tolijan Trajanovski analyzed an SSH-backdoor botnet that implements an interesting ‘Research’ infection technique. In a recent tweet, the malware researcher @0xrb shared a list containing URLs of recently captured IoT botnet samples. Among the links was an uncommon example, a URL behind a Discord CDN, which, as pointed out by the IoT malware researcher @_lubiedo, may be difficult to block.

Round Up of Major Malware and Ransomware Incidents

Canon publicly confirms August ransomware attack, data theft

Canon has finally confirmed publicly that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers. On August 5, Canon USA sent out a company-wide notification informing employees of extensive system issues that made multiple applications, Teams and email among them, unavailable.

New Egregor Ransomware Steps into Maze Group’s Shoes

Security experts are warning that a new ransomware group is rapidly escalating threat activity, with double extortion attacks on scores of victims so far in Q4. The Egregor group first came to light with an attack on Barnes & Noble and video game developers Ubisoft and Crytek back in October. In fact, the group has been active since September, when it compromised 15 victims. Then came a massive 240% spike in numbers, with 51 organizations hit the following month. As of November 17, it had added a further 21 victims.
