April 17, 2021

glimworm

Advances in world technology

BleepingComputer's most popular tech stories of 2020

Fortunately, 2020 is over, and we can look ahead to a healthier, safer, and much more normal 2021.

However, it was a big year for technology and cybersecurity, with massive cyberattacks, worldwide outages, privacy fears, and new features added to Windows.

Some stories, however, piqued the interest of our readers more than others.

Below we list the 10 most popular stories at BleepingComputer during 2020, with a summary of each.

10. eBay and other websites port scanned visitors' computers

Researchers discovered that eBay and other websites use a script to port scan visitors' computers to check for running remote access and remote support programs.

These port scans check for compromised computers making fraudulent purchases or financial transactions.

eBay portscanning a computer

9. U.S. government warned that Ryuk ransomware was actively targeting hospitals

In a joint statement, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) warned the healthcare industry that the Ryuk ransomware operation was actively targeting hospitals and medical centers.

This warning came after hospital operator Universal Health Services, Sky Lakes Medical Center in Oregon, and St. Lawrence Health System in New York were hit by the Ryuk ransomware. Soon after the warning, Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network were also hit by Ryuk.

8. 'Meow' attack deleted nearly 4,000 unsecured databases

An automated attack deleted nearly 4,000 unsecured Elasticsearch, Cassandra, CouchDB, and MongoDB databases and renamed them to end with the -meow extension.

Meow attack

7. The source code for dozens of companies' software leaked online

The private source code for 50 companies was published online in a large leak called 'exconfidential.'

This leak included source code for well-known companies, such as Microsoft, Adobe, Lenovo, AMD, Qualcomm, Motorola, Hisilicon (owned by Huawei), Mediatek, GE Appliances, Nintendo, Roblox, Disney, and Johnson Controls, and the list keeps growing.

It is believed that the source code for these companies was collected through unsecured SonarQube installations.

6. Windows Zerologon vulnerability actively used by threat actors

As part of the August 2020 Patch Tuesday, Microsoft fixed the "CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability" that easily allows threat actors to take control over a domain.

Soon after the information about the fix was published, researchers began publishing proof-of-concept ZeroLogon exploits that allowed you to gain administrative access to a domain controller.

With the public exploits released, Microsoft warned that threat actors quickly adopted them and exploited the ZeroLogon vulnerability in attacks.

5. Garmin suffered a worldwide outage after a ransomware attack

In July, wearable device maker Garmin suffered a worldwide outage for its connected services and call centers. After a Garmin employee shared a screenshot of an encrypted computer, BleepingComputer was the first to confirm that the company suffered a WastedLocker ransomware attack.

In August, BleepingComputer gained access to an executable created by the Garmin IT department to decrypt a workstation and install a variety of security software on the machine. This executable included a decryptor for WastedLocker ransomware, indicating that Garmin paid the ransom.

Garmin decryptor

4. In the middle of the pandemic, about 500K Zoom accounts were sold online

With everyone around the world using Zoom for work and staying in touch with family and friends during the pandemic, threat actors began selling 500K Zoom accounts on hacker forums and in private sales.

Sold Zoom Accounts

3. Microsoft deployed an update that caused Microsoft Outlook to crash worldwide

On July 15th, Microsoft Outlook started crashing globally and displaying an exception code 0xc0000005.

It turns out that Microsoft deployed a faulty update that, once installed, caused Outlook to crash.

"Our initial review of the available data indicates that recently deployed updates are the likely source of the problem. We're performing an analysis of all recent service updates to isolate the underlying cause of the problem and to determine the most expedient means to restore service."

Microsoft also suffered a massive Office 365 outage in October after a service update was mistakenly released into the production environment.

2. Microsoft adds a built-in packet sniffer to Windows 10

In May, BleepingComputer discovered that Microsoft quietly added a built-in command-line packet sniffer to Windows 10.

Windows 10's Pktmon packet sniffer

This new tool is called Pktmon and allows you to monitor for selected traffic and save it to a log file. Later updates to the program introduced PCAP support and real-time monitoring.

PCAP support is useful as it allows the log files to be viewed in common programs like Wireshark.

1. SolarWinds breached to carry out a supply chain attack on customers

The year closed with a massive SolarWinds cyberattack in which threat actors used the company's Orion network management platform to distribute the SUNBURST backdoor to customers.

This attack led to well-known companies and U.S. government agencies being breached, including:

  • FireEye
  • U.S. Department of the Treasury
  • U.S. National Telecommunications and Information Administration (NTIA)
  • U.S. Department of State
  • The National Institutes of Health (NIH) (part of the U.S. Department of Health)
  • U.S. Department of Homeland Security (DHS)
  • U.S. Department of Energy (DOE)
  • U.S. National Nuclear Security Administration (NNSA)
  • Some U.S. states (specific states are undisclosed)
  • Microsoft
  • Cisco

Researchers later discovered that a second piece of malware called SUPERNOVA was distributed by a different group of threat actors using the Orion platform.

Microsoft believes that the attackers' end goal was to gain access to victims' cloud data.