Cyber Security December 2018

This posting is here to collect security alert news in September 2018.

I post links to security vulnerability news to comments of this article.

You are also free to post related links.


  1. Tomi Engdahl says:

    How one hacked laptop led to an entire network being compromised
    One worker clicking on the wrong link at the wrong time resulted in a major security breach.

    A corporate laptop being used in a coffee shop at a weekend was enough to allow a sophisticated cybercrime group to compromise an organisation’s entire infrastructure.

    The incident was detailed by cybersecurity firm Crowdstrike as part of its Cyber Intrusion Services Casebook 2018 report and serves as a reminder that laptops and other devices that are secure while running inside the network of an organisation can be left exposed when outside company walls.

    Crowdstrike described the company that fell victim to the hackers only as apparel manufacturer “with an extensive global presence, including retail locations”.

    The incident began when an employee of the manufacturer took their laptop to a coffee shop and used it to visit the website of one of the firm’s partners.

    The security researchers said the user visited the site after being directed there by a phishing email — and that the site had been compromised by FakeUpdates, a malware and social engineering campaign affecting thousands of Joomla and WordPress sites.

    The malware shows users pop-ups which claim their browser software needs updating. In this instance, the laptop was then infected with the Dridex banking trojan and the PowerShell Empire post-exploit toolset.

    The security software being used by the clothing company — Crowdstrike didn’t name the vendor — relied on devices being inside the corporate network to pick up threats.

    Global hacking campaign takes aim at finance, defence and energy companies

    Targets around the world are in the sights of a cyber espionage operation, which could have links to North Korea.

  2. Tomi Engdahl says:

    IT firms, telcos among dozens hacked in new info-stealing malware attack

    Seedworm hacking operation adopts new techniques to speed up attacks – but it’s come at a cost that’s allowed researchers to uncover their activity.

  3. Tomi Engdahl says:

    The Return of The Charming Kitten
    A review of the latest wave of organized phishing attacks by Iranian state-backed hackers

    Phishing attacks are the most common form of infiltration used by Iranian state-backed hackers to gain access into accounts. Certfa reviews the latest campaign of phishing attacks that has been carried out and dubbed as “The Return of The Charming Kitten”.

    In this campaign, hackers have targeted individuals who are involved in economic and military sanctions against the Islamic Republic of Iran as well as politicians, civil and human rights activists and journalists around the world.

  4. Tomi Engdahl says:

    Yrityksen puhelinpalvelu antaa pyydettäessä suomalaisten salattuja osoitetietoja: jopa presidentti Niinistön yksityiskodin osoite kerrottiin

  5. Tomi Engdahl says:

    European Union diplomatic communications ‘targeted by hackers’

    Hackers successfully targeted the European Union’s diplomatic communications over a period of several years, The New York Times reports.

    Thousands of messages were intercepted in which diplomats referenced a range of subjects from US President Donald Trump to global trade.

    The breach was reportedly discovered by the cyber-security company Area 1.

    European officials say that information marked as confidential and secret was not affected by the three-year hack.

  6. Tomi Engdahl says:

    ASUS, GIGABYTE Drivers Contain Code Execution Vulnerabilities – PoCs Galore

    Four drivers from ASUS and GIGABYTE come with several vulnerabilities that can be leveraged by an attacker to gain higher permissions on the system and to execute arbitrary code.

    In total, there are seven vulnerabilities affecting five software products, and researchers wrote exploit code for each of them. Many of them might still be unaddressed.

    Two of the vulnerable drivers are installed by the Aura Sync software (v1.07.22 and earlier) from ASUS and the flaws they carry can be exploited for local code execution.

    The drivers from GIGABYTE are distributed with motherboards and graphics cards of the same brand as well as from the company’s subsidiary, AORUS.

  7. Tomi Engdahl says:

    Microsoft officially announces ‘Windows Sandbox’ for running applications in isolation

    Microsoft’s coming ‘Windows Sandbox’ feature is a lightweight virtual machine that allow users to run potentially suspicious software in isolation. It could debut in Windows 10 19H1.

  8. Tomi Engdahl says:

    NASA fears hackers may have stolen employee data

    A probe launched immediately after the discovery of the suspected incident has yet to establish the scale of the potential damage

  9. Tomi Engdahl says:

    Remote Firmware Attack Renders Servers Unbootable

    Security researchers have found a way to corrupt the firmware of a critical component usually found in servers to turn the systems into an unbootable hardware assembly. The recovery procedure requires physical intervention to replace the malicious firmware.

    Achieving this is done via regular tools used to keep the baseboard management controller (BMC) up to date.

    BMCs are specialized microcontrollers (more like independent micro-computers) embedded on virtually all server motherboards; they are also present in high-end switches, JBOD (just a bunch of disks) and JBOF (just a bunch of flash) types of storage systems.

    Next level in destructive cyber attacks

    Although deploying the malicious BMC update is possible from a remote location, the destructive step represents the final stage of an attack, so initial access to the target is needed.

    “This malicious BMC firmware update contains additional code that, once triggered, will erase the UEFI system firmware and critical components of the BMC firmware itself,” they explain in a blog post today.

  10. Tomi Engdahl says:

    Economics of Vulnerability Disclosure

    Vulnerability disclosure refers to the process of identifying, reporting and patching weaknesses of software, hardware or services that can be exploited. The different actors within a vulnerability disclosure process are subject to a range of economic considerations and incentives that may influence their behaviour. These economic aspects of vulnerability disclosure are often overlooked and poorly understood, but may help explain why some vulnerabilities are disclosed responsibly while others are not.

  11. Tomi Engdahl says:

    How Hackers Bypass Gmail 2FA at Scale

    A new Amnesty International report goes into some of the technical details around how hackers can automatically phish two-factor authentication tokens sent to phones.

    If you’re an at risk user, that extra two-factor security code sent to your phone may not be enough to protect your email account.

    Hackers can bypass these protections, as we’ve seen with leaked NSA documents on how Russian hackers targeted US voting infrastructure companies. But a new Amnesty International report gives more insight into how some hackers break into Gmail and Yahoo accounts at scale, even those with two-factor authentication (2FA) enabled.

    They do this by automating the entire process, with a phishing page not only asking a victim for their password, but triggering a 2FA code that is sent to the target’s phone. That code is also phished, and then entered into the legitimate site so the hacker can login and steal the account.

    The news acts as a reminder that although 2FA is generally a good idea, hackers can still phish certain forms of 2FA, such as those that send a code or token over text message, with some users likely needing to switch to a more robust method.

    When Best Practice Isn’t Good Enough: Large Campaigns of Phishing Attacks in Middle East and North Africa Target Privacy-Conscious Users


    We have identified several campaigns of credentials phishing, likely operated by the same attackers, targeting hundreds of individuals spread across the Middle East and North Africa.
    In one campaign, the attackers were particularly going after accounts on popular self-described “secure email” services, such as Tutanota and ProtonMail.
    In another campaign, the attackers have been targeting hundreds of Google and Yahoo accounts, successfully bypassing common forms of two-factor authentication.

    From the arsenal of tools and tactics used for targeted surveillance, phishing remains one of the most common and insidious form of attack affecting civil society around the world. More and more Human Rights Defenders (HRDs) have become aware of these threats. Many have taken steps to increase their resilience to such tactics. These often include using more secure, privacy-respecting email providers, or enabling two-factor authentication on their online accounts.

  12. Tomi Engdahl says:

    Hacked European Cables Reveal a World of Anxiety About Trump, Russia and Iran

    Updated Wednesday, Dec. 19: The United Nations spokesman has issued a comment about the breach and the National Security Agency said it would decline to comment. Both are included in the story below.

    Hackers infiltrated the European Union’s diplomatic communications network for years, downloading thousands of cables that reveal concerns about an unpredictable Trump administration and struggles to deal with Russia and China and the risk that Iran would revive its nuclear program.

    In one cable, European diplomats described a meeting between President Trump and President Vladimir V. Putin of Russia in Helsinki, Finland, as “successful (at least for Putin).”

  13. Tomi Engdahl says:

    ‘Thousands’ of EU Diplomatic Cables Hacked: Report

    Hackers apparently connected to China accessed thousands of sensitive EU diplomatic cables, the New York Times reported Wednesday, in the latest embarrassing data breach to hit a major international organization.

    The cables from the EU’s diplomatic missions around the world reveal anxiety about how to handle US President Donald Trump as well as concerns about China, Russia and Iran.

    The leak, discovered by cybersecurity firm Area 1, recalls the publication by Wikileaks of a vast haul of US State Department cables in 2010, though in the EU case the trove is much smaller and consists of less secret communications, the NYT reported.

  14. Tomi Engdahl says:

    DoD Lacks Visibility into Software Inventories, Audit Finds

    The U.S. Department of Defense lacks visibility into software inventories, a review of Marine Corps, Navy, and Air Force commands and divisions reveals.

    The audit found that the Marine Corps divisions and the Navy commands had a process in place to prevent duplication when purchasing applications, but the Air Force did not. Moreover, only the U.S. Fleet Forces Command had a process to eliminate duplicative or obsolete software applications.

  15. Tomi Engdahl says:

    Servers Can Be Bricked Remotely via BMC Attack

    Hackers could remotely brick servers by launching firmware attacks that involve the Baseboard Management Controller (BMC), researchers at firmware security company Eclypsium have demonstrated.

  16. Tomi Engdahl says:

    U.S. Sanctions Russians for Hacking, Election Interference

    The U.S. Treasury Department on Wednesday announced sanctions against nearly two dozen Russia-related individuals and entities over their roles in election interference, hacking the World Anti-Doping Agency (WADA), and other malicious activities.

    The Treasury Department said these individuals and entities have been added to the Office of Foreign Assets Control’s (OFAC) Specially Designated Nationals (SDN) list “in response to Russia’s continued disregard for international norms.”

    A total of nine officers of Russia’s GRU military intelligence service have been sanctioned for their direct involvement in efforts to interfere in the 2016 presidential election in the United States. These and other individuals were indicted in July for hacking the systems of the Democratic Party in an effort to steal documents and emails.

    “These nine individuals worked within Unit 26165 and Unit 74455 of the GRU,” the Treasury Department said. “

  17. Tomi Engdahl says:

    Cybercriminals Host Malicious Payloads on Google Cloud Storage

    A malicious email campaign targeting employees of banks and financial services companies in the United States and the United Kingdom has been abusing Google Cloud Storage for payload delivery, Menlo Labs security researchers say.

    As part of the attacks, the malicious actor attempts to trick users into clicking on malicious links to archive files such as .zip or .gz. The malicious payloads, which the researchers identified as being part of the Houdini and QRat malware families, were hosted on, the domain of the Google Cloud Storage service.

  18. Tomi Engdahl says:

    Russian Cyberspies Build ‘Go’ Version of Their Trojan

    The Russian-linked cyber-espionage group Sofacy has developed a new version of their Zebrocy tool using the Go programming language, Palo Alto Networks security researchers warn.

    The first-stage malware was initially analyzed in April this year, and has been observed in numerous attacks in October and November. Last month, however, the researchers also observed a new Trojan being used in the group’s attacks.

    Also known as APT28, Fancy Bear, Pawn Storm, Sednit and Strontium, the state-sponsored actor has been active for several years, focusing on cyber-espionage and believed to have orchestrated the attacks targeting the 2016 presidential election in the United States.

    The group hit Ukraine and NATO countries over the past years, but a recent report revealed governmental targets on four continents. An October report from Kaspersky revealed that the activities of various nation-state Russian groups started to overlap.

    The group has used different programming languages to build functionally similar Trojans before, and the Zebrocy tool went through this process as well, with numerous variants developed in AutoIt, Delphi, VB.NET, C# and Visual C++ already observed.

    The recently discovered Go variant of Zebrocy has been already used in attacks

  19. Tomi Engdahl says:

    Quarter of Healthcare Organizations Hit by Ransomware in Past Year: Study

    One in four (27%) employees of healthcare organizations in North America admit to being aware of a ransomware attack targeting their employer over the past year, a new Kaspersky Lab survey reveals.

  20. Tomi Engdahl says:

    Google Finds Internet Explorer Zero-Day Exploited in Targeted Attacks

    An out-of-band update released by Microsoft on Wednesday for its Internet Explorer web browser patches a zero-day vulnerability exploited by malicious actors in targeted attacks.

    Microsoft has credited Clement Lecigne of Google’s Threat Analysis Group for reporting the vulnerability, but neither Microsoft nor Google have shared any details about the attacks involving the flaw.

    The security hole is tracked as CVE-2018-8653 and it has been described as a remote code execution vulnerability related to how the scripting engine used by Internet Explorer handles objects in memory.

  21. Tomi Engdahl says:

    15 miljoonaa hyökkäystä päivässä
    Tietoturvayhtiö Check Point on julkistanut tietoturvaennusteensa ensi vuodelle. Ikävä kyllä moni asia pysyy ennallaan ensi vuonna. Hyökkäysten määrä ei ole ainakaan vähentymässä. – Eilen kirjasimme 15 miljoonaa verkkohyökkäystä,

  22. Tomi Engdahl says:

    Ime Archibong / Facebook:
    Facebook confirms Spotify, Netflix, Dropbox, and RBC had read/write/delete access for messaging integrations, says it was experimental and ended three years ago — In the past day, we’ve been accused of disclosing people’s private messages to partners without their knowledge.

    Facts About Facebook’s Messaging Partnerships

    Ryan Vlastelica / Bloomberg:
    Facebook’s stock closed down 7% on Wednesday following a New York Times story and a lawsuit from the District of Columbia’s AG

    Facebook Has Biggest Plunge Since July as ‘Another Shoe’ Drops

    The lawsuit comes at a time when investors are increasingly concerned that Facebook could be facing greater regulatory pressure.

    “Another shoe dropped today, but when we think about Facebook’s fundamentals, its buyback program, we think it looks very attractive from a valuation perspective,” JMP Securities analyst Ron Josey said in a phone interview. “A lot of these issues are in the past or have been fixed, and we think we’re getting to a point where they’ve been priced in.”

  23. Tomi Engdahl says:

    Charlie Warzel / BuzzFeed News:
    Report: some apps using Facebook’s SDK, like Grindr and Bible+, send user info to Facebook, including location, where users click, and how long the app is used

    Apps Are Revealing Your Private Information To Facebook And You Probably Don’t Know It

    Facebook provided developers with tools to build Facebook-compatible apps like Tinder, Grindr and Pregnancy+. Those apps have been quietly sending sensitive user data to Facebook.

  24. Tomi Engdahl says:

    UK’s Gatwick airport was shut down on Wednesday and Thursday after drones were seen flying over the runway; about 760 flights were due to fly on Thursday — Tens of thousands of passengers have been disrupted by drones flying over one of the UK’s busiest airports.

    Gatwick Airport: Drones ground flights

    Tens of thousands of passengers have been disrupted by drones flying over one of the UK’s busiest airports.

    Gatwick’s runway has been shut since Wednesday night, as devices have been repeatedly flying over the airfield.

    Sussex Police said it was not terror-related but a “deliberate act” of disruption, using “industrial specification” drones.

    About 110,000 passengers on 760 flights were due to fly on Thursday. Disruption could last “several days”.

    Defence Secretary Gavin Williamson has confirmed the Army has been called in to support Sussex Police.

    Those due to travel have been told to check the status of their flight

    The shutdown started just after 21:00 on Wednesday, when two drones were spotted flying “over the perimeter fence and into where the runway operates from”.
    The runway briefly reopened at 03:01 on Thursday but was closed again about 45 minutes later amid “a further sighting of drones”.

    police had not wanted to shoot the devices down because of the risk from stray bullets

    About 10,000 passengers were affected overnight on Wednesday
    About 11,000 people are stuck at the airport

    The Civil Aviation Authority said it considered this event to be an “extraordinary circumstance”, and therefore airlines were not obligated to pay any financial compensation to passengers.

    Gatwick Airport drones: ‘Absolute shambles’ as flights cancelled

    Drones flying over Gatwick Airport have caused Christmas travel chaos for thousands.

  25. Tomi Engdahl says:

    Arno Schuetze / Reuters:
    Amazon gives a German Alexa user, who requested his personal data under GDPR, access to 1,700 audio files of another user; Amazon says it was due to human error — FRANKFURT (Reuters) – A user of Amazon’s (AMZN.O) Alexa voice assistant in Germany got access to more than a thousand recordings …

    Amazon error allowed Alexa user to eavesdrop on another home

    A user of Amazon’s (AMZN.O) Alexa voice assistant in Germany got access to more than a thousand recordings from another user because of “a human error” by the company.

    The customer had asked to listen back to recordings of his own activities made by Alexa but he was also able to access 1,700 audio files from a stranger when Amazon sent him a link, German trade publication c’t reported.

    “This unfortunate case was the result of a human error and an isolated single case,” an Amazon spokesman said on Thursday.

  26. Tomi Engdahl says:

    Lawrence Abrams / BleepingComputer:
    Microsoft releases out-of-band security update for Internet Explorer that fixes a remote code execution vulnerability allowing attackers to hijack computers — Microsoft has released an out-of-band security update that fixes an actively exploited vulnerability in Internet Explorer.

  27. Tomi Engdahl says:

    Read, Write, Delete permissions make sense in this context. You shouldn’t give permissions or access to things you don’t want accessing other things. Makes you wonder though, how could this go bad?

    Facebook tries to explain why companies could erase your messages

    “In the past day, we’ve been accused of disclosing people’s private messages to partners without their knowledge,” Facebook said. “That’s not true.”

    Facebook Inc. took a second stab at convincing its 2.3 billion users that it didn’t allow more than 150 other companies to misuse their personal data on Wednesday night after its valuation fell by more than $28 billion on the stock market.

    Facebook for many years gave more than 150 companies extensive access to personal data — focused narrowly on the contention in the Times report that emerged as the most controversial: that Facebook gave four companies access to read, write and delete users’ messages.

    Spotify Ltd., Netflix Inc., Dropbox Inc. and the Royal Bank of Scotland — were granted automated access to users’ messages so Facebook users could send Facebook messages to other Facebook users without leaving the Spotify, Netflix, Dropbox or Royal Bank apps.

    Far from being a nefarious leaking of private data, the read/write/delete access “was the point of this feature,” Archibong said.

    “We worked with them to build messaging integrations into their apps so people could send messages to their Facebook friends,”

  28. Tomi Engdahl says:

    With Mirai Comes Miori: IoT Botnet Delivered via ThinkPHP Remote Code Execution Exploit

    We analyzed another Mirai variant called “Miori,” which is being spread through a Remote Code Execution (RCE) vulnerability in the PHP framework, ThinkPHP.

    details about it have only surfaced on December 11. For its arrival method, the IoT botnet uses the said exploit that affects ThinkPHP versions prior to 5.0.23 and 5.1.31.

    ThinkPHP framework | Chinese best practice PHP open source framework, focus on WEB application rapid development for 8 years!

  29. Tomi Engdahl says:

    The British government wants to include a “ghost” user or device in otherwise private conversations, requiring the most secure tech products available today to lie to their users, via secret orders that their designers cannot refuse without risking prosecution. This would “likely slow down progress for years to come,” says Matthew Green

    On Ghost Users and Messaging Backdoors

    The past few years have been an amazing time for the deployment of encryption. In ten years, encrypted web connections have gone from a novelty into a requirement for running a modern website. Smartphone manufacturers deployed default storage encryption to billions of phones. End-to-end encrypted messaging and phone calls are now deployed to billions of users.

    While this progress is exciting to cryptographers and privacy advocates, not everyone sees it this way. A few countries, like the U.K. and Australia, have passed laws in an attempt to gain access to this data, and at least one U.S. proposal has made it to Congress.

    asking tech companies to deploy “responsible encryption“.

    What, exactly, is “responsible encryption”? Well, that’s a bit of a problem. Nobody on the government’s side of the debate has really been willing to get very specific about that. In fact, a recent speech by U.S. Deputy Attorney General Rod Rosenstein implored cryptographers to go figure it out.

  30. Tomi Engdahl says:

    The Amazon Alexa Eavesdropping Nightmare Came True

    An Amazon user in Germany recently requested data about his personal activities and inadvertently gained access to 1,700 audio recordings of someone he didn’t know.

  31. Tomi Engdahl says:

    Terrorist Content Regulation: Warnings from the UN and the CoE

    On 11 December 2018, three United Nations Special Rapporteurs published a joint Report on the European Union’s proposal for a Regulation to prevent the dissemination of terrorist content online.

    raises a number of serious concerns regarding the definitions used in the draft legislation and the competences and obligations it gives to national authorities.

    The congruent demands of international expert organisations highlight that substantial reform of the proposal is imperative to avoid sliding further into an already worrying trend of undermining the rule of law in the fight against terrorism.

    the analysis compellingly outlines the inherent dangers of “catch-all” labels such as “glorification of terrorism” and the use of counter-terrorism legislation to suppress political opponents

    Thus, both the UN experts and the Council of Europe Commissioner outline perfectly that the scope of counter-terrorism legislation needs to be clearly and narrowly delimited: If statements that offend or shock a population are no longer protected by the freedom of expression, open and democratic societies are not safeguarded, but endangered.

  32. Tomi Engdahl says:

    FBI kicks some of the worst ‘DDoS for hire’ sites off the internet

    The FBI has seized the domains of 15 high-profile distributed denial-of-service (DDoS) websites after a coordinated effort by law enforcement and several tech companies.

    “DDoS for hire services such as these pose a significant national threat,” U.S. Attorney Bryan Schroder said in a statement.

    DDoS attacks have long plagued the internet as a by-product of faster connection speeds and easy-to-exploit vulnerabilities in the underlying protocols that power the internet. Through its Internet Crime Complaint Center (IC3), the FBI warned over a year ago of the risks from booter and stresser sites amid a wider concern about the increasing size and scale of powerful DDoS attacks.

  33. Tomi Engdahl says:

    At Blind, a security lapse revealed private complaints from Silicon Valley employees

    One of its servers storing user data and messages was exposed without a password.

    Thousands of people trusted Blind, an app-based “anonymous social network,” as a safe way to reveal malfeasance, wrongdoing and improper conduct at their companies.

    But Blind left one of its database servers exposed without a password, making it possible for anyone who knew where to look to access each user’s account information and identify would-be whistleblowers.

    Blind only pulled the database after TechCrunch followed up by email a week later.

    Kim said that there is “no evidence” that the database was misappropriated or misused, but did not say how it came to that conclusion. When asked, the company would not say if it will notify U.S. state regulators of the breach.

  34. Tomi Engdahl says:

    Two Chinese Hackers Associated With the Ministry of State Security Charged with Global Computer Intrusion Campaigns Targeting Intellectual Property and Confidential Business Information

  35. Tomi Engdahl says:

    Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter

    A security researcher with Twitter alias SandboxEscaper today released proof-of-concept (PoC) exploit for a new zero-day vulnerability affecting Microsoft’s Windows operating system.

    SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day vulnerabilities, leaving all Windows users vulnerable to the hackers until Microsoft patched them.

    The newly disclosed unpatched Windows zero-day vulnerability is an arbitrary file read issue that could allow a low-privileged user or a malicious program to read the content of any file on a targeted Windows computer that otherwise would only be possible via administrator-level privileges.

  36. Tomi Engdahl says:

    SQLite bug impacts thousands of apps, including all Chromium-based browsers

    New ‘Magellan’ vulnerability will haunt the app ecosystem for years to come.

  37. Tomi Engdahl says:

    Caribou Coffee chain announces card breach impacting 239 stores

    Almost 40 percent of the company’s coffee stores impacted by breach of its POS system.

  38. Tomi Engdahl says:

    Law enforcement shut down DDoS booters ahead of annual Christmas DDoS attacks

    Law enforcement launch preemptive strike to shut down some of the DDoS services that may be abused to attack gaming services over the Christmas holiday.

  39. Tomi Engdahl says:

    Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers

  40. Tomi Engdahl says:


    Magellan is a number of vulnerabilities that exist in SQLite. These vulnerabilities were discovered by Tencent Blade Team and verified to be able to successfully implement remote code execution in Chromium browsers. As a well-known database, SQLite is widely used in all modern mainstream operating systems and software, so this vulnerability has a wide range of influence. SQLite and Google had confirmed and fixed this vulnerability. We will not disclose any details of the vulnerability at this time, and we are pushing other vendors to fix this vulnerability as soon as possible.

  41. Tomi Engdahl says:

    Shamoon Returns to Wipe Systems in Middle East, Europe

    Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by ideology, politics, or even financial aims.

    Destructive attacks have a critical impact on businesses, causing the loss of data or crippling business operations. When a company is impacted, the damage can be significant. Restoration can take weeks or months, while resulting in unprofitability and diminished reputation.

    Recent attacks have demonstrated how big the damage can be. Last year NotPetya affected several companies around the world. Last February, researchers uncovered OlympicDestroyer, which affected the Olympic Games organization.


Leave a Comment

Your email address will not be published. Required fields are marked *