{"id":14972,"date":"2021-01-15T09:00:46","date_gmt":"2021-01-15T08:00:46","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=14972"},"modified":"2021-01-21T21:07:30","modified_gmt":"2021-01-21T20:07:30","slug":"cert-w-newsletter-december-2020-risk-insight","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/","title":{"rendered":"CERT-W Newsletter December 2020"},"content":{"rendered":"<figure id=\"post-14786 media-14786\" class=\"align-center\">\n<figure id=\"post-14983 media-14983\" class=\"align-center\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-14983\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/01\/DECEMBER.png\" alt=\"\" width=\"1512\" height=\"482\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/01\/DECEMBER.png 1512w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/01\/DECEMBER-437x139.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/01\/DECEMBER-71x23.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/01\/DECEMBER-768x245.png 768w\" sizes=\"auto, (max-width: 1512px) 100vw, 1512px\" \/><\/figure>\n<\/figure>\n<table style=\"width: 0%; height: 294px;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 20.027%; height: 89px; border: 0px solid #21a6a6; text-align: left;\" colspan=\"2\">\n<h1><strong>Monthly indicators<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 48px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP ATTACK<\/strong><\/td>\n<td style=\"width: 79.973%; height: 48px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/www.theregister.com\/2020\/12\/21\/in_brief_security\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>The massive SolarWind hack<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 10px; border-color: #ffffff; text-align: left;\" colspan=\"2\">Russian SVR Hackers have been romping through some 18,000 of SolarsWinds&#8217; Origin customer servers using the SUNBURST malware installed via a backdoored update server. FireEye, Microsoft and GoDaddy believe the avsvmcloud domain has been used to coordinate attacks. We do not know yet how the hackers hacked into SolarWinds but last year the company\u2019s server was protected by the password \u201csolarwinds123\u201d (<a style=\"font-family: inherit; font-size: inherit;\" href=\"https:\/\/www.theregister.com\/2020\/12\/16\/solarwinds_github_password\/\">link<\/a><span style=\"font-family: inherit; font-size: inherit;\"> for more details).<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><span style=\"color: #333333;\"><strong>TOP EXPLOIT<\/strong><\/span><\/td>\n<td style=\"width: 79.973%; height: 21px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/arstechnica.com\/gadgets\/2020\/12\/iphone-zero-click-wi-fi-exploit-is-one-of-the-most-breathtaking-hacks-ever\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>iPhone zero click Wi-Fi exploit<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 40px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 37px; text-align: left;\" colspan=\"2\">Before Apple patch, Wi-Fi packets could steal photos. No interaction needed. Over the air. This Wi-Fi packet of death exploit was devised by Ian Beer, a researcher at Project Zero, Google\u2019s vulnerability research arm. In this post (<a href=\"https:\/\/googleprojectzero.blogspot.com\/2020\/12\/an-ios-zero-click-radio-proximity.html\">link<\/a>), Beer covers the entire process to successfully exploiting this vulnerability in order to run arbitrary code on any nearby iOS device and steal all the user data.<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP LEAK<\/strong><\/td>\n<td style=\"width: 79.973%; border-color: #ffffff; height: 21px; text-align: left;\"><a href=\"https:\/\/www.theregister.com\/2020\/12\/07\/data_breach_in_hackathon_data\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Travel agency leaked customer data by giving away in a hackaton<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 35px; text-align: left;\" colspan=\"2\">When running a hackathon in 2017, the Australian travel agency, Flight Centre, provided a dataset containing 106 million rows of data and containing 6,121,565 individual customer records. Unfortunately, credit card records and passport numbers belonging to close to 7,000 people were in free text fields. An investigation showed that the agency:<\/p>\n<ul>\n<li>Did not implement a way to prevent its employees to fill out those fields with personal information.<\/li>\n<li>Did not carry out the necessary checks, only reviewing a top 1,000 row sample for each data file within the dataset.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"width: 100%; height: 212px;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 1.00503%; height: 89px; border: 0px solid #21a6a6; text-align: left;\" colspan=\"2\">\n<h1><strong>Cybercrime watch<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/www.zdnet.com\/article\/a-hacker-is-selling-access-to-the-email-accounts-of-hundreds-of-c-level-executives\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>A hacker is selling access to the email accounts of hundreds of C-Level Executives<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 1.00503%; height: 23px; border-color: #ffffff; text-align: left;\" colspan=\"2\">The data (email and password combinations for Office 365 and Microsoft accounts) is being sold on a closed-access underground forum for Russian-speaking hackers named Exploit.in. Access to any of these accounts is sold for prices ranging from $100 to $1,500, depending on the company size and user&#8217;s role. The validity of the data has been confirmed and the seller refused to share how he obtained the login credentials but said he had hundreds more to sell.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/www.theregister.com\/2020\/12\/01\/scam_call_prison\/\"><span style=\"text-decoration: underline;\"><strong><span style=\"color: #21a6a6; text-decoration: underline;\">A tax scam ringleader impersonating the IRS just got sent down for 20 years<\/span><\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">The man who headed an international criminal call center racket that conned Americans into handing over tens of millions of dollars in the belief they were being chased for money by the US government has been jailed for 20 years. The con artists ran a complex scheme in which employees from call centers in Ahmedabad, India, impersonated officials from the IRS and US Citizenship and Immigration Services (USCIS). Their victims were threatened with arrest, imprisonment, fines or deportation if they did not pay money allegedly owed to the government.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/www.europol.europa.eu\/newsroom\/news\/cybercriminals%E2%80%99-favourite-vpn-taken-down-in-global-action#:~:text=The%20virtual%20private%20network%20(VPN,agencies%20from%20around%20the%20world.\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Cybercriminal&#8217;s favourite VPN taken down in global action<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">The virtual private network (VPN) Safe-Inet used by the world\u2019s foremost cybercriminals has been taken down in a coordinated law enforcement action led by Europol and the FBI. Its infrastructure was seized in Germany, the Netherlands, Switzerland, France and the United States. The servers were taken down, and a splash page was put up online after the domain seizures.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"width: 100%;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 89px; text-align: left; border: 0px solid #21a6a6;\" colspan=\"2\">\n<h1><strong>Vulnerability watch<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17095\"><strong>CVE-2020-17095<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Hyper-V Remote Code Execution Vulnerability<\/strong><\/span><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 23px; border-color: #ffffff; text-align: left;\" colspan=\"2\"><strong>CVSS score: 9.9 CRITICAL<\/strong><\/p>\n<p>It is a bug that could allow an attacker to escalate privileges from code execution in a Hyper-V guest to code execution on the Hyper-V host by passing invalid vSMB packet data. It appears that no special permissions are needed on the guest OS to exploit this vulnerability.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17132\"><strong>CVE-2020-17132<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><span style=\"color: #21a6a6;\"><b><u><strong>Microsoft Exchange Remote Code Execution Vulnerability<\/strong><\/u><\/b><\/span><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; width: 100%; border-color: #ffffff; text-align: left;\" colspan=\"2\"><strong>CVSS score : 9.1 CRITICAL<\/strong><\/p>\n<p>Microsoft doesn\u2019t provide an attack scenario here but does note that the attacker needs to be authenticated. This indicates that if you take over someone\u2019s mailbox, you can take over the entire Exchange server.<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17121\"><strong>CVE-2020-17121<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 21px; border-color: #ffffff; text-align: left;\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Microsoft SharePoint Remote Code Execution Vulnerability<\/strong><\/span><\/td>\n<\/tr>\n<tr style=\"height: 40px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 119px; text-align: left;\" colspan=\"2\"><strong>CVSS score : 8.8 HIGH<\/strong><\/p>\n<p>It could allow an authenticated user to execute arbitrary .NET code on an affected server in the context of the SharePoint Web Application service account. In its default configuration, authenticated SharePoint users are able to create sites that provide all of the necessary permissions that are prerequisites for launching an attack.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Monthly indicators TOP ATTACK The massive SolarWind hack Russian SVR Hackers have been romping through some 18,000 of SolarsWinds&#8217; Origin customer servers using the SUNBURST malware installed via a backdoored update server. FireEye, Microsoft and GoDaddy believe the avsvmcloud domain&#8230;<\/p>\n","protected":false},"author":1364,"featured_media":14576,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3273],"tags":[3487,3486,2772,3405,3479,2944,2878],"coauthors":[3488],"class_list":["post-14972","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-ethical-hacking-indicent-response-en","tag-cert-w-en","tag-cybercrime","tag-cybersecurity","tag-incident-response-cert-w-en","tag-indicators","tag-newsletter","tag-vulnerabilities"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CERT-W Newsletter December 2020 - RiskInsight<\/title>\n<meta name=\"description\" content=\"CERT-W December 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CERT-W Newsletter December 2020 - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"CERT-W December 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-15T08:00:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-01-21T20:07:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1641\" \/>\n\t<meta property=\"og:image:height\" content=\"1158\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"CERT-W\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"CERT-W\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/\"},\"author\":{\"name\":\"CERT-W\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca\"},\"headline\":\"CERT-W Newsletter December 2020\",\"datePublished\":\"2021-01-15T08:00:46+00:00\",\"dateModified\":\"2021-01-21T20:07:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/\"},\"wordCount\":676,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"keywords\":[\"CERT-W\",\"cybercrime\",\"cybersecurity\",\"incident response CERT-W\",\"indicators\",\"Newsletter\",\"Vulnerabilities\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Ethical Hacking &amp; Incident Response\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/\",\"name\":\"CERT-W Newsletter December 2020 - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"datePublished\":\"2021-01-15T08:00:46+00:00\",\"dateModified\":\"2021-01-21T20:07:30+00:00\",\"description\":\"CERT-W December 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"width\":1641,\"height\":1158},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CERT-W Newsletter December 2020\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca\",\"name\":\"CERT-W\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/cert-w\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CERT-W Newsletter December 2020 - RiskInsight","description":"CERT-W December 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/","og_locale":"en_US","og_type":"article","og_title":"CERT-W Newsletter December 2020 - RiskInsight","og_description":"CERT-W December 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/","og_site_name":"RiskInsight","article_published_time":"2021-01-15T08:00:46+00:00","article_modified_time":"2021-01-21T20:07:30+00:00","og_image":[{"width":1641,"height":1158,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","type":"image\/jpeg"}],"author":"CERT-W","twitter_misc":{"Written by":"CERT-W","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/"},"author":{"name":"CERT-W","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca"},"headline":"CERT-W Newsletter December 2020","datePublished":"2021-01-15T08:00:46+00:00","dateModified":"2021-01-21T20:07:30+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/"},"wordCount":676,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","keywords":["CERT-W","cybercrime","cybersecurity","incident response CERT-W","indicators","Newsletter","Vulnerabilities"],"articleSection":["Cybersecurity &amp; Digital Trust","Ethical Hacking &amp; Incident Response"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/","name":"CERT-W Newsletter December 2020 - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","datePublished":"2021-01-15T08:00:46+00:00","dateModified":"2021-01-21T20:07:30+00:00","description":"CERT-W December 2020 newsletter has been published to help you find the latest indicators and news on cybersecurity.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","width":1641,"height":1158},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/01\/cert-w-newsletter-december-2020-risk-insight\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"CERT-W Newsletter December 2020"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca","name":"CERT-W","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/cert-w\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/14972","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1364"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=14972"}],"version-history":[{"count":4,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/14972\/revisions"}],"predecessor-version":[{"id":14985,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/14972\/revisions\/14985"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/14576"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=14972"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=14972"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=14972"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=14972"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}