{"id":15175,"date":"2021-02-17T09:00:15","date_gmt":"2021-02-17T08:00:15","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=15175"},"modified":"2021-02-16T14:08:07","modified_gmt":"2021-02-16T13:08:07","slug":"cert-w-newsletter-january-2021","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/","title":{"rendered":"CERT-W Newsletter January 2021"},"content":{"rendered":"<figure id=\"post-14786 media-14786\" class=\"align-center\">\n<figure id=\"post-14983 media-14983\" class=\"align-center\">\n<figure id=\"post-15176 media-15176\" class=\"align-center\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-15176\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/january.png\" alt=\"\" width=\"862\" height=\"275\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/january.png 1358w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/january-437x139.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/january-71x23.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/january-768x245.png 768w\" sizes=\"auto, (max-width: 862px) 100vw, 862px\" \/><\/figure>\n<\/figure>\n<\/figure>\n<table style=\"width: 0%; height: 294px;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 20.027%; height: 89px; border: 0px solid #21a6a6; text-align: left;\" colspan=\"2\">\n<h1><strong>Monthly indicators<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 48px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP ATTACK<\/strong><\/td>\n<td style=\"width: 79.973%; height: 48px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/securityboulevard.com\/2021\/01\/solarwinds-aftermath-continues-with-solarleaks\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>SolarWinds aftermaths<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 10px; border-color: #ffffff; text-align: left;\" colspan=\"2\">On the 11<sup style=\"font-family: inherit;\">th<\/sup><span style=\"font-family: inherit; font-size: inherit;\"> of January, a website presumably owned by the actors behind the SolarWinds breach has surfaced, claiming to be selling data obtained using the SolarWinds backdoor. The site, using the domain <\/span><strong style=\"font-family: inherit; font-size: inherit;\">solarleaks.net<\/strong><span style=\"font-family: inherit; font-size: inherit;\">, displays only a pgp signed message, in which the actors share the links to download the stolen information, which has already been encrypted. The domain solarwinds.net has a sister domain located in the dark web, presumably to provide access in case of a takedown.<br \/>\n<\/span>Simultaneously, a growing number of cybersecurity vendors like <a href=\"https:\/\/www.crowdstrike.com\/blog\/sunspot-malware-technical-analysis\/\"><strong>CrowdStrike<\/strong><\/a>, <a href=\"https:\/\/fidelissecurity.com\/threatgeek\/data-protection\/ongoing-analysis-solarwinds-impact\/\"><strong>Fidelis<\/strong><\/a>, FireEye, <a href=\"https:\/\/threatpost.com\/malwarebytes-solarwinds-attackers\/163190\/\"><strong>Malwarebytes<\/strong><\/a>, Palo Alto Networks and <a href=\"https:\/\/threatpost.com\/mimecast-solarwinds-hack-security-vendor-victims\/163431\/\"><strong>Mimecast<\/strong><\/a> are confirming being targeted in the espionage attack. \u201cWhat started out as the SolarWinds attack is slowly turning out to be perhaps the most sophisticated and wide-reaching cyber-campaign we have ever seen,\u201d Ami Luttwak, CTO and co-founder of Wiz \u201cIt encompasses multiple companies used as backdoors to other companies, numerous tools and novel attack methods. This is far more than SolarWinds.\u201d<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><span style=\"color: #333333;\"><strong>TOP EXPLOIT<\/strong><\/span><\/td>\n<td style=\"width: 79.973%; height: 21px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/www.theregister.com\/2021\/01\/21\/dept_education_school_laptops_malware\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Laptops given to British schools came preloaded with remote-access worm<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 40px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 37px; text-align: left;\" colspan=\"2\"><span style=\"font-family: inherit; font-size: inherit;\">A shipment of laptops supplied to British schools by the Department for Education to help kids learn under lockdown came preloaded with <strong>Gamarue<\/strong> \u2013 an old remote-access worm from the 2010s. This software nasty doesn&#8217;t just spread from computer to computer, it also tries to connect to outside servers for instructions to carry out. From what we know a batch of <strong>23,000 computers<\/strong>, the GeoBook 1E running Windows 10, made by Shenzhen-headquartered Tactus Group, contained the units that were loaded with malware.<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP LEAK<\/strong><\/td>\n<td style=\"width: 79.973%; border-color: #ffffff; height: 21px; text-align: left;\"><a href=\"https:\/\/threatpost.com\/meetmindful-daters-compromised-data-breach\/163313\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Hacker leaks data of 2.28 million dating site user<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 35px; text-align: left;\" colspan=\"2\">The dating site&#8217;s data has been shared as a free download on a publicly accessible hacking forum known for its trade in hacked databases. The leaked data, a <strong>1.2 GB<\/strong> file, appears to be a dump of the site&#8217;s <strong>users database<\/strong>. Some of the most sensitive data points included in the file include: Real names; Email addresses; City, state, and ZIP details; Body details; Dating preferences; Marital status; Birth dates; Latitude and longitude; IP addresses; Bcrypt-hashed account passwords; Facebook user IDs; and Facebook authentication tokens. Messages exchanged by users were not included in the leaked file; however, this does not make the entire incident less sensitive.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"width: 100%; height: 212px;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 1.00503%; height: 89px; border: 0px solid #21a6a6; text-align: left;\" colspan=\"2\">\n<h1><strong>Cybercrime watch<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/krebsonsecurity.com\/2021\/01\/arrest-seizures-tied-to-netwalker-ransomware\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Arrest, seizure tied to NetWalker ransomware<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 1.00503%; height: 23px; border-color: #ffffff; text-align: left;\" colspan=\"2\">U.S. and Bulgarian authorities this week seized the dark web site used by the <strong>NetWalker<\/strong>\u00a0ransomware cybercrime group to publish data stolen from its victims. NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a percentage of any funds extorted from victims. In connection with the seizure, a Canadian national suspected of extorting more than <strong>$27 million<\/strong> through the spreading of NetWalker was charged in a Florida court.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/krebsonsecurity.com\/2021\/01\/international-action-targets-emotet-crimeware\/\"><span style=\"text-decoration: underline;\"><strong><span style=\"color: #21a6a6; text-decoration: underline;\">International action targets Emotet crimeware<\/span><\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">Authorities across Europe said they\u2019d seized control over <strong>Emotet<\/strong>, a prolific malware strain and cybercrime-as-service operation. Investigators say the action could help quarantine more than <strong>a million\u00a0Microsoft Windows\u00a0systems currently compromised<\/strong> with malware tied to Emotet infections. The law enforcement action included the arrest of several suspects in Europe thought to be connected to the crimeware gang and the take down of various servers that communicate with infected systems.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/www.zdnet.com\/article\/dutch-covid-19-patient-data-sold-on-the-criminal-underground\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Duch insider attack on Covid-19 data<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">Dutch police have arrested <strong>two individuals<\/strong> in Amsterdam for allegedly selling data from the Dutch health ministry\u2019s\u00a0COVID-19 systems on the criminal underground. The arrests came after\u00a0an investigation by RTL Nieuws reporter Daniel Verlaan\u00a0who discovered ads for Dutch citizen data online, advertised on instant messaging apps like Telegram, Snapchat, and Wickr. According to Verlaan, <strong>the two suspects worked in DDG call centers<\/strong>, where they had access to official Dutch government COVID-19 systems and databases, and as they were working from home, they could easily take photos of their screens.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"width: 100%;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 89px; text-align: left; border: 0px solid #21a6a6;\" colspan=\"2\">\n<h1><strong>Vulnerability watch<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-1300\"><strong>CVE-2021-1300<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Cisco SD-WAN Vulnerability<\/strong><\/span><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 23px; border-color: #ffffff; text-align: left;\" colspan=\"2\"><strong>CVSS score: 9.8 CRITICAL<\/strong><\/p>\n<p>Cisco is warning of multiple, critical vulnerabilities in its software-defined networking for wide-area networks (<a href=\"https:\/\/threatpost.com\/cisco-zero-day-anyconnect-secure-patch\/160988\/\">SD-WAN<\/a>) solutions for business users. One of them is this buffer-overflow flaw stems from incorrect handling of IP traffic; an attacker could exploit the flaw by sending crafted IP traffic through an affected device, which may cause a buffer overflow when the traffic is processed. Ultimately, this allows an attacker to execute arbitrary code on the underlying operating system with root privileges.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-1257\"><strong>CVE-2021-1257<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><span style=\"color: #21a6a6;\"><b><u><strong>Cisco Digital Network Architecture CSRF Vulnerability<\/strong><\/u><\/b><\/span><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; width: 100%; border-color: #ffffff; text-align: left;\" colspan=\"2\"><strong>CVSS score : 8.8 HIGH<\/strong><\/p>\n<p>The flaw exists in the web-based management interface of the Cisco DNA Center, which is a centralized network-management and orchestration platform for Cisco DNA. An attacker could exploit the vulnerability by socially engineering a web-based management user into following a specially crafted link, say via a phishing email or chat. If the user clicks on the link, the attacker can then perform arbitrary actions on the device with the privileges of the authenticated user.<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-1647\"><strong>CVE-2021-1647<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 21px; border-color: #ffffff; text-align: left;\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Microsoft Defender Remote Code Execution Vulnerability<\/strong><\/span><\/td>\n<\/tr>\n<tr style=\"height: 40px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 119px; text-align: left;\" colspan=\"2\"><strong>CVSS score : 7.8 HIGH<\/strong><\/p>\n<p>It could allow an authenticated user to execute arbitrary .NET code on an affected server in the context of the SharePoint Web Application service account. In its default configuration, authenticated SharePoint users are able to create sites that provide all of the necessary permissions that are prerequisites for launching an attack.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Monthly indicators TOP ATTACK SolarWinds aftermaths On the 11th of January, a website presumably owned by the actors behind the SolarWinds breach has surfaced, claiming to be selling data obtained using the SolarWinds backdoor. The site, using the domain solarleaks.net,&#8230;<\/p>\n","protected":false},"author":1364,"featured_media":14576,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3273],"tags":[3487,3530,3486,3405,3479,2944,2878],"coauthors":[3488],"class_list":["post-15175","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-ethical-hacking-indicent-response-en","tag-cert-w-en","tag-cyber-en-2","tag-cybercrime","tag-incident-response-cert-w-en","tag-indicators","tag-newsletter","tag-vulnerabilities"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CERT-W Newsletter January 2021 - RiskInsight<\/title>\n<meta name=\"description\" content=\"CERT-W January 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CERT-W Newsletter January 2021 - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"CERT-W January 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2021-02-17T08:00:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1641\" \/>\n\t<meta property=\"og:image:height\" content=\"1158\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"CERT-W\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"CERT-W\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/\"},\"author\":{\"name\":\"CERT-W\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca\"},\"headline\":\"CERT-W Newsletter January 2021\",\"datePublished\":\"2021-02-17T08:00:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/\"},\"wordCount\":870,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"keywords\":[\"CERT-W\",\"cyber\",\"cybercrime\",\"incident response CERT-W\",\"indicators\",\"Newsletter\",\"Vulnerabilities\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Ethical Hacking &amp; Incident Response\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/\",\"name\":\"CERT-W Newsletter January 2021 - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"datePublished\":\"2021-02-17T08:00:15+00:00\",\"description\":\"CERT-W January 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"width\":1641,\"height\":1158},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CERT-W Newsletter January 2021\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca\",\"name\":\"CERT-W\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/cert-w\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CERT-W Newsletter January 2021 - RiskInsight","description":"CERT-W January 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/","og_locale":"en_US","og_type":"article","og_title":"CERT-W Newsletter January 2021 - RiskInsight","og_description":"CERT-W January 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/","og_site_name":"RiskInsight","article_published_time":"2021-02-17T08:00:15+00:00","og_image":[{"width":1641,"height":1158,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","type":"image\/jpeg"}],"author":"CERT-W","twitter_misc":{"Written by":"CERT-W","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/"},"author":{"name":"CERT-W","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca"},"headline":"CERT-W Newsletter January 2021","datePublished":"2021-02-17T08:00:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/"},"wordCount":870,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","keywords":["CERT-W","cyber","cybercrime","incident response CERT-W","indicators","Newsletter","Vulnerabilities"],"articleSection":["Cybersecurity &amp; Digital Trust","Ethical Hacking &amp; Incident Response"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/","name":"CERT-W Newsletter January 2021 - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","datePublished":"2021-02-17T08:00:15+00:00","description":"CERT-W January 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","width":1641,"height":1158},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/cert-w-newsletter-january-2021\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"CERT-W Newsletter January 2021"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca","name":"CERT-W","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/cert-w\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1364"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=15175"}],"version-history":[{"count":4,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15175\/revisions"}],"predecessor-version":[{"id":15181,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15175\/revisions\/15181"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/14576"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=15175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=15175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=15175"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=15175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}