{"id":14783,"date":"2020-12-16T09:00:54","date_gmt":"2020-12-16T08:00:54","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=14783"},"modified":"2020-12-14T18:32:48","modified_gmt":"2020-12-14T17:32:48","slug":"cert-w-newsletter-november-2020-risk-insight","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/","title":{"rendered":"CERT-W Newsletter November 2020"},"content":{"rendered":"<figure id=\"post-14786 media-14786\" class=\"align-center\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-14786 alignnone\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/12\/nov.png\" alt=\"\" width=\"981\" height=\"311\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/12\/nov.png 1269w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/12\/nov-437x139.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/12\/nov-71x23.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/12\/nov-768x244.png 768w\" sizes=\"auto, (max-width: 981px) 100vw, 981px\" \/><\/figure>\n<table style=\"width: 0%; height: 294px;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 20.027%; height: 89px; border: 0px solid #21a6a6; text-align: left;\" colspan=\"2\">\n<h1><strong>Monthly indicators<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 48px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP ATTACK<\/strong><\/td>\n<td style=\"width: 79.973%; height: 48px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/www.zdnet.com\/article\/brazilian-government-recovers-from-worst-ever-cyberattack\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Brazilian government recovers from &#8220;worst-ever&#8221; cyberattack<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 10px; border-color: #ffffff; text-align: left;\" colspan=\"2\">After suffering the most severe cyberattack ever orchestrated against a Brazilian public sector institution on the 3<sup style=\"font-family: inherit;\">rd<\/sup><span style=\"font-family: inherit; font-size: inherit;\"> , the <\/span><strong style=\"font-family: inherit; font-size: inherit;\">Superior Electoral Court<\/strong><span style=\"font-family: inherit; font-size: inherit;\"> (STJ, in the Portuguese acronym) has managed to get its systems back up and running. The Court had to suspend all STJ sessions for a few days and then operate with limited functionality for urgent cases until the systems were fully re-established in November 20. The ransomware would have relied on a vulnerability discovered during a <\/span><a style=\"font-family: inherit; font-size: inherit;\" href=\"https:\/\/www.theregister.com\/2020\/11\/09\/tianfu_cup\/\">Chinese hacking competition<\/a><span style=\"font-family: inherit; font-size: inherit;\">.<\/span><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP ATTACK<\/strong><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/www.lemagit.fr\/actualites\/252492731\/Ransomware-le-groupe-Egregor-revendique-la-cyberattaque-sur-Ouest-France\"><span style=\"text-decoration: underline;\"><strong><span style=\"color: #21a6a6; text-decoration: underline;\">The Egregor ransomware disrupts the distribution of the daily &#8220;Ouest France&#8221;<\/span><\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 10px; width: 100%; border-color: #ffffff; text-align: left;\" colspan=\"2\">Ouest-France, <strong>the leading French daily<\/strong> by its distribution, will publish only one edition of its Sunday newspaper, against ten usually, after being the victim of the <strong>Egregor ransomware<\/strong> in the night from 20th to 21st of November.<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><span style=\"color: #333333;\"><strong>TOP EXPLOIT<\/strong><\/span><\/td>\n<td style=\"width: 79.973%; height: 21px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/new-gitpaste-12-botnet-exploits-12-known-vulnerabilities\/d\/d-id\/1339401?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>GitPaste-12 worm targets Linux servers, IoT devices<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 40px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 37px; text-align: left;\" colspan=\"2\">Security researchers have discovered a new worm and botnet dubbed Gitpaste-12, named for <strong>its usage of GitHub and Pastebin <\/strong>to host component code and the <strong>12 known vulnerabilities<\/strong> it exploits to compromise systems.<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP LEAK<\/strong><\/td>\n<td style=\"width: 79.973%; border-color: #ffffff; height: 21px; text-align: left;\"><a href=\"https:\/\/threatpost.com\/millions-hotel-guests-worldwide-data-leak\/161044\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Millions of hotel worldwide caught up in mass data leak<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 35px; text-align: left;\" colspan=\"2\">Widely used hotel reservation platforms (including Booking.com and Expedia) has <strong style=\"font-family: inherit; font-size: inherit;\">exposed 10 million files<\/strong><span style=\"font-family: inherit; font-size: inherit;\"> related to guests at various hotels around the world, thanks to <\/span><strong style=\"font-family: inherit; font-size: inherit;\">a misconfigured Amazon Web Services S3 bucket<\/strong><span style=\"font-family: inherit; font-size: inherit;\">. The incident has affected <\/span><strong style=\"font-family: inherit; font-size: inherit;\">24.4 GB worth of data in total<\/strong><span style=\"font-family: inherit; font-size: inherit;\">, threating travellers with identity theft, scams, credit-card fraud and vacation-stealing, according to the security team at Website Planet, which uncovered the bucket.\u00a0<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"width: 100%; height: 212px;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 1.00503%; height: 89px; border: 0px solid #21a6a6; text-align: left;\" colspan=\"2\">\n<h1><strong>Cybercrime watch<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/krebsonsecurity.com\/2020\/11\/two-charged-in-sim-swapping-vishing-scams\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Two charged in SIM swapping, vishing scams<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 1.00503%; height: 23px; border-color: #ffffff; text-align: left;\" colspan=\"2\">Two young men from the eastern united states have been hit <strong>with identity theft and conspiracy charges<\/strong> for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/blog.malwarebytes.com\/ransomware\/2020\/11\/regretlocker-new-ransomware-can-encrypt-windows-virtual-hard-disks\/\"><span style=\"text-decoration: underline;\"><strong><span style=\"color: #21a6a6; text-decoration: underline;\">New Regret Locker ransomware targets Windows Virtual Machines<\/span><\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">A new ransomware called Regret Locker was discovered in October. It may be a simple ransomware in terms of appearance, but it makes up for in advanced features. In fact, Regret Locker uses an <strong>interesting technique of mounting a virtual disk file<\/strong> so each of its files can be encrypted individually.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/threatpost.com\/ragnar-locker-ransomware-facebook-ads\/161133\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Ragnar Locker ransomware gang takes out Facebook ads in key tactic<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">The Ragnar Locker ransomware group has decided to ratchet up the pressure on its latest high-profile victim, Italian liquor conglomerate <strong>Campari<\/strong>, by taking out Facebook ads threatening to release the <strong>2TB<\/strong> of sensitive data it stole in a Nov. 3 attack \u2013 unless <strong>a $15 million ransom is paid in Bitcoin.<\/strong><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/us-cert.cisa.gov\/sites\/default\/files\/publications\/AA20-302A_Ransomware _Activity_Targeting_the_Healthcare_and_Public_Health_Sector.pdf\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Ransomware Activity targeting the Healthcare and Public Health Sector<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">CISA, FBI, and HHS have credible information of an <strong>increased and imminent cybercrime threat to U.S. hospitals and healthcare providers<\/strong>. CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"width: 100%;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 89px; text-align: left; border: 0px solid #21a6a6;\" colspan=\"2\">\n<h1><strong>Vulnerability watch<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17051\"><strong>CVE-2020-17051<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Remote kernel heap overflow in NFSv3 Windows Server<\/strong><\/span><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 23px; border-color: #ffffff; text-align: left;\" colspan=\"2\"><strong>CVSS score: 9.8 CRITICAL<\/strong><\/p>\n<p>A critical vulnerability\u00a0in the Windows\u00a0NFSv3\u00a0(Network File System)\u00a0server.\u00a0NFS is typically used in heterogenous environments of Windows and Unix\/Linux for file sharing.\u00a0The vulnerability can be reproduced to\u00a0cause\u00a0an\u00a0immediate BSOD (Blue Screen of Death)\u00a0within the nfssvr.sys driver.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17087\"><strong>CVE-2020-17087<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><span style=\"color: #21a6a6;\"><b><u><strong>Windows Kernel Local Elevation of Privilege Vulnerability<\/strong><\/u><\/b><\/span><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; width: 100%; border-color: #ffffff; text-align: left;\" colspan=\"2\"><strong>CVSS score : 7.8 HIGH<\/strong><\/p>\n<p>A privilege escalation flaw that would allow an attacker who has already compromised a less powerful user account on a system to gain administrative control. In essence, it would have to be chained with another exploit.<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-3556\"><strong>CVE-2020-3556<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 21px; border-color: #ffffff; text-align: left;\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>CISCO AnyConnect VPN Zero-Day<\/strong><\/span><\/td>\n<\/tr>\n<tr style=\"height: 40px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 119px; text-align: left;\" colspan=\"2\"><strong>CVSS score : 7.3 HIGH<\/strong><\/p>\n<p>A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listener. An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Monthly indicators TOP ATTACK Brazilian government recovers from &#8220;worst-ever&#8221; cyberattack After suffering the most severe cyberattack ever orchestrated against a Brazilian public sector institution on the 3rd , the Superior Electoral Court (STJ, in the Portuguese acronym) has managed to&#8230;<\/p>\n","protected":false},"author":1364,"featured_media":14576,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3273],"tags":[3487,3486,2772,3405,3479,2944,2878],"coauthors":[3488],"class_list":["post-14783","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-ethical-hacking-indicent-response-en","tag-cert-w-en","tag-cybercrime","tag-cybersecurity","tag-incident-response-cert-w-en","tag-indicators","tag-newsletter","tag-vulnerabilities"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CERT-W Newsletter November 2020 - RiskInsight<\/title>\n<meta name=\"description\" content=\"CERT-W November 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CERT-W Newsletter November 2020 - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"CERT-W November 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-16T08:00:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1641\" \/>\n\t<meta property=\"og:image:height\" content=\"1158\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"CERT-W\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"CERT-W\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/\"},\"author\":{\"name\":\"CERT-W\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca\"},\"headline\":\"CERT-W Newsletter November 2020\",\"datePublished\":\"2020-12-16T08:00:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/\"},\"wordCount\":670,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"keywords\":[\"CERT-W\",\"cybercrime\",\"cybersecurity\",\"incident response CERT-W\",\"indicators\",\"Newsletter\",\"Vulnerabilities\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Ethical Hacking &amp; Incident Response\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/\",\"name\":\"CERT-W Newsletter November 2020 - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"datePublished\":\"2020-12-16T08:00:54+00:00\",\"description\":\"CERT-W November 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"width\":1641,\"height\":1158},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CERT-W Newsletter November 2020\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca\",\"name\":\"CERT-W\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/cert-w\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CERT-W Newsletter November 2020 - RiskInsight","description":"CERT-W November 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/","og_locale":"en_US","og_type":"article","og_title":"CERT-W Newsletter November 2020 - RiskInsight","og_description":"CERT-W November 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/","og_site_name":"RiskInsight","article_published_time":"2020-12-16T08:00:54+00:00","og_image":[{"width":1641,"height":1158,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","type":"image\/jpeg"}],"author":"CERT-W","twitter_misc":{"Written by":"CERT-W","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/"},"author":{"name":"CERT-W","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca"},"headline":"CERT-W Newsletter November 2020","datePublished":"2020-12-16T08:00:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/"},"wordCount":670,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","keywords":["CERT-W","cybercrime","cybersecurity","incident response CERT-W","indicators","Newsletter","Vulnerabilities"],"articleSection":["Cybersecurity &amp; Digital Trust","Ethical Hacking &amp; Incident Response"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/","name":"CERT-W Newsletter November 2020 - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","datePublished":"2020-12-16T08:00:54+00:00","description":"CERT-W November 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","width":1641,"height":1158},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/12\/cert-w-newsletter-november-2020-risk-insight\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"CERT-W Newsletter November 2020"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca","name":"CERT-W","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/cert-w\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/14783","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1364"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=14783"}],"version-history":[{"count":8,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/14783\/revisions"}],"predecessor-version":[{"id":14831,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/14783\/revisions\/14831"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/14576"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=14783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=14783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=14783"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=14783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}