Pantropic Newsletter #27

Posted December 28, 2023

by Sarah


Pantropic Newsletter #27 (December 2023)

Microsoft Outlook Users Told to Update Urgently to Fix Exploit


Microsoft is urgently advising Outlook users to install patches and enable two-factor authentication after a threat group exploited a vulnerability to secretly access email accounts. Despite fixes being available for months, some systems clearly remain dangerously unpatched and exposed. Users must update and reset passwords immediately to thwart continuing nation-state cyber attacks.



Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet


Researchers have uncovered active exploitation of two fresh zero-day vulnerabilities being used to infect routers and network video recorders with the notorious Mirai botnet malware. One flaw exists in a wireless router while the other impacts IP cameras. Scans show at least 7,000 devices are likely vulnerable, though the true number could be higher. The attacks require attackers to guess valid login credentials in order to inject commands for infection, putting devices with default or weak passwords at serious risk.

(Source: ArsTechnica)


Ransomware Gangs Are Collaborating To Attack Financial Services Firms


Cybersecurity researchers have exposed highly unusual collaboration among three notorious ransomware groups that are jointly launching extortion campaigns against financial services companies. This cooperation is likely being enabled by initial access brokers working across cybercriminal groups, as well as displaced threat actors seeking new partners after law enforcement disruptions. The discovery highlights the alarming growth of ransomware alliances.

(Source: Cyber Security News)


Hacked for the Holidays: Five Actions to Undertake When Ransomware Strikes During the Holiday Season


With reduced holiday staffing, businesses face escalated ransomware threats during the season. When the inevitable attack occurs, the response should quickly determine the attack’s scope, isolate impacted servers before the attack spreads laterally, restore systems from recent backups held in secure offline storage, identify whether sensitive data was exfiltrated, and thoroughly scan backups for lurking malware before recovery. Staying vigilant is key.

(Source: CPO Magazine)


Military intelligence hacks Russian tax authorities


Ukraine’s military intelligence cyber units claim an extensive hack into thousands of Russian tax servers, alleging extraction of data before destroying entire federal and regional tax databases. Russia may struggle to restore tax system functionality for at least a month after the crippling attacks. The cyber sabotage aims to significantly disrupt a vital Russian state operation.

(Source: The KYIV Independent)


Backup and Data Security Solutions


This “white glove” managed service is the next-generation secure offsite backup you need right now. We monitor your backups daily, help you troubleshoot any problems, and can assist you with restorations when you need them. Our Data Security Module can perform bi-directional anti-malware scans and content disarm and reconstruction (CDR), and can protect your backups with biometric Deep MFA and a multi-person workflow, which are crucial in stopping stolen-credential attacks.


Leading desktop and laptop backup solution providing automated and continuous data backup protection with unlimited capacity backup licensing and flexible deployment options. Ensures fast and complete backup and recovery anytime, anywhere.


A next-generation endpoint protection platform using AI and machine learning to effectively stop breaches including true NGAV, endpoint detection and response (EDR), threat intelligence management and automation.


World’s largest security awareness training platform with simulated phishing attacks, educating and empowering employees to strengthen IT security against cybercriminals.


Copyright © 2023 Pantropic Online Pte Ltd. All rights reserved.