This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Most of the vulnerabilities listed below can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks. The majority of the products are either for remote access (T1133)1 or for external web services (T1190), and should be prioritized for immediate patching. (By National Security Agency)
The University of Vermont (UVM) health network is scrambling to recover its systems after a cyberattack has halted chemotherapy, mammogram and screening appointments, and led to 300 staff being furloughed or reassigned. (By Lindsey O'Donnell, Threatpost)
Microsoft is urging users to abandon telephone-based multi-factor authentication (MFA) solutions like one-time codes sent via SMS and voice calls and instead replace them with newer MFA technologies, like app-based authenticators and security keys. (By Catalin Cimpanu, ZDNet)
Capcom, the Japanese gaming giant behind the Street Fighter, Mega Man and Resident Evil franchises, has reported a major cybersecurity incident. The attackers have demanded an $11 million ransom payment. (By Lee Mathews, Forbes)
Cybersecurity insurance is no longer a luxury. As attacks have accelerated — and become more costly — the idea of hedging against a breach has gone mainstream. The global cyber-insurance market now stands at $7.8 billion, but it's projected to reach $20.4 billion by 2025, according to an October 2020 report from ResearchAndMarkets. (By Samuel Greengard, Dark Reading)