Perimeter Protection is No Longer Sufficient.

The number of cybersecurity attacks and incidents that have occurred in recent months continues to grow rapidly. Humans tend to normalize an event when it occurs frequently and downplay its importance, especially when it does not affect them. If we look back only 2 months, in April and May 2021:

• Use of Windows BITS to evade Firewalls (link).
• A 22-year-old accused of hacking the water supply network (link).
• Failures in Citrix hypervisor may allow code execution on virtual machines (link).
• The German parliament under attack (link) with spear phishing
• Several APT groups attack Fortinet servers with FortiOS to exploit unpatched vulnerabilities from 2018 (link).
• 533 million leaked Facebook phone numbers (link).
• Applus+ stops a cyberattack that interrupted its activity (link).
• The identity of an official government website is stolen to sell sneakers (link).
• Phishing campaign impersonating the Tax Agency (link) to install malware
• Malware campaign via LinkedIn (link).
• Data of 500 million LinkedIn users leaked (link).
• BleedingTouch – Bluetooth Bug in Linux that allowed remote code execution with kernel privileges (link).
• Malware that spreads via WhatsApp (link).
• Exploiting Windows RPC (link).
• Denial of service in IPv6 in Windows (link).
• The Android Gigaset update server was hacked to install malware on devices (link).
• 0-day for Chrome and Microsoft Edge (link).
• 9 vulnerabilities in TCP/IP affect 100 million IoT devices (link).
• 0-day of the Windows window manager (link).
• The Phone House affected by Ransomware (link link).
• Airstrike Attack – Encryption bypass on Windows domain computers (link).
• Hacks in Microsoft Exchange (link).
• Cyberattack on Avalia manages to extract 7GB of confidential information (link).
• Vincle, another company attacked by Ransomware (Babuk) – link.
• Ransomware attack on the University of Castilla la Mancha (link)
• 0-day vulnerability of Pulse Secure VPN (link).
• Revil threatens Apple to leak designs after compromising Quanta (link).
• Massive attack on QNAP devices (link).
• Bypass of digital signature validation in MSI packages may allow the installation of packages (link).
• Privilege escalation in MySQL in Windows (link).
• Attack on the INE and other ministries (link).
• Mappings of APT groups in North Korea, USA, China and Russia (link, link link link).
• Privilege escalation in Windows RPC (link).
• Babuk (RansomWare) affects the Washington DC police (link).
• Data leak from Real Madrid (link).
• 2 0-day for iOS and iPadOS (link).
• Mobile applications expose AWS key data (link).
• They hack a Tesla car remotely from a drone (link)
• A vulnerable Dell driver puts millions of systems at risk (link link).
• Critical error in VMWare vRealize Business (link).
• A Qualcomm vulnerability has impacted about 40% of mobile phones (link).
• A flaw in Foxit Reader allows malicious code to be executed through PDF (link).
• A Ransomware attack stops the largest fuel pipeline in the US (link).
• Almost all WiFi devices are vulnerable to FragAttacks (link).
• 0-day for Adobe Acrobat (link).
• A cyberattack forces the Irish health system to shut down its computer system (link).
• Toshiba affected by DarkSide (RansomWare) (link).
• Vulnerability in IIS that allows malicious code to be executed in the Windows kernel (link).
• Axa affected by ransomware (link).
• They hack the networks of Russian federal agencies (link).