Internal Threats
















             A New Ransomware Is Targeting Network Attached Storage (NAS) Devices - A new ransomware
             family has been found targeting Linux-based Network Attached Storage (NAS) devices made by
             Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid,
             researchers told The Hacker News. Ideal for home and small business, NAS devices are dedicated file
             storage units connected to a network or through the Internet, which allow users to store and share
             their data and backups with multiple computers. Independently discovered by researchers at two
             separate security firms, Intezer and Anomali, the new ransomware family targets poorly protected
             or vulnerable QNAP NAS servers either by brute forcing weak SSH credentials or exploiting known
             vulnerabilities.
                    Source: https://thehackernews.com/2019/07/ransomware-nas-devices.html



             More than 805,000 systems are still exposed to BlueKeep, study finds - Since May, security
             researchers have been sounding the alarm about the “BlueKeep” vulnerability in old Microsoft
             Windows operating systems. There has been a large movement to get users to patch for the flaw,
             which could be exploited at scale. Data released Wednesday by cybersecurity-ratings company
             BitSight Technologies show a mixed report card on how well organizations have closed that security
             hole. As of July 2, more than 805,000 operating systems that are online are still vulnerable to
             BlueKeep, the Boston-based company said. That leaves a broad potential attack surface for someone
             who exploits the vulnerability.
                    Source: https://www.cyberscoop.com/bluekeep-patching-study-bitsight/




             Damaging insider threats rise to new highs in the past year - 70 percent of organizations are more
             frequently seeing insider attacks, with 60 percent experiencing one or more within the last 12
             months, and 68 percent feeling “extremely to moderately” vulnerable to them, according to Nucleus
             Cyber. Not only are organizations seeing a dramatic increase of attacks from insiders, but 85 percent
             are finding it difficult to determine the actual damage being caused from each instance, especially in
             cloud environments. Since they’ve migrated to the cloud, 56 percent believe detecting insider
             attacks has become “significantly to somewhat” harder, and 39 percent identify cloud storage and
             file sharing applications the most vulnerable.

                    Source: https://www.helpnetsecurity.com/2019/07/26/damaging-insider-threats/













                                                    www.accumepartners.com