Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

German BSI agency warns of ransomware attacks over Christmas holidays

German BSI warns of ransomware attacks over the Christmas and end-of-year holidays, fearing Emotet return and attacks on Microsoft Exchange servers. The German cybersecurity authority BSI warns of ransomware attacks over the Christmas holidays, fearing the return of the Emotet botnet return. During this period offices are often closed and employees are at home, for […]

German BSI

German BSI warns of ransomware attacks over the Christmas and end-of-year holidays, fearing Emotet return and attacks on Microsoft Exchange servers.

The German cybersecurity authority BSI warns of ransomware attacks over the Christmas holidays, fearing the return of the Emotet botnet return. During this period offices are often closed and employees are at home, for this reason, their organizations are more exposed to ransomware attacks. 

The agency also warns of attacks that could exploit vulnerabilities in Microsoft Exchange to compromise mail servers of German organizations.

BSI urges German organizations to patch their systems.

“In times when the affected organizations may not be able to react as quickly as under normal circumstances.
During the same period in which Emotet became active again, the operators of ransomware-as-a-service (RaaS) Conti began actively recruiting new so-called affiliates.” reads the BSI’s alert.

“Based on experiences prior to the Emotet takedown in early 2021, waves of attacks carried out by the Emotet botnet, and subsequent execution of ransomware will increasingly hit German organizations in the coming weeks (especially
during the “Christmas holidays”).”

The German cybersecurity authority also urges organizations to implement preventive measures and increase the level of security to prevent Emotent and other malware infections.

At the end of November, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI also warned critical infrastructure partners of ransomware attacks during the holiday season.

Both agencies haven’t identified any specific threats, but recent trends let them into believing that threat actors could launch impactful ransomware attacks during holidays and weekends

US Government experts also warn of other malicious activities such as phishing scamsfraudulent sites spoofing reputable businesses, and unencrypted financial transactions.

Below is the list of actions recommended by the agencies to increase the level of security of their infrastructure:

  • Identify IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack. 
  • Implement multi-factor authentication for remote access and administrative accounts.
  • Mandate strong passwords and ensure they are not reused across multiple accounts. 
  • If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored. 
  • Remind employees not to click on suspicious links, and conduct exercises to raise awareness. 

In August, the FBI and CISA issued a similar alert, titled “Ransomware Awareness for Holidays and Weekends,” to warn organizations to keep high their defenses against ransomware attacks during weekends or holidays.

The FBI and CISA recommend organizations conduct threat hunting on their networks aimed at searching for any signs of threat actor activity to prevent attacks before they occur or to minimize the impact of successful attacks.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, holidays)

[adrotate banner=”5″]

[adrotate banner=”13″]