{"id":15372,"date":"2021-03-16T16:00:24","date_gmt":"2021-03-16T15:00:24","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=15372"},"modified":"2021-09-14T11:54:38","modified_gmt":"2021-09-14T10:54:38","slug":"cert-w-newsletter-february-2021","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/","title":{"rendered":"CERT-W Newsletter February 2021"},"content":{"rendered":"<figure id=\"post-14786 media-14786\" class=\"align-center\">\n<figure id=\"post-14983 media-14983\" class=\"align-center\">\n<figure id=\"post-15176 media-15176\" class=\"align-center\">\n<figure id=\"post-15373 media-15373\" class=\"align-center\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-15373\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/03\/23.png\" alt=\"\" width=\"761\" height=\"239\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/03\/23.png 1498w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/03\/23-437x137.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/03\/23-71x22.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/03\/23-768x241.png 768w\" sizes=\"auto, (max-width: 761px) 100vw, 761px\" \/><\/figure>\n<\/figure>\n<\/figure>\n<\/figure>\n<table style=\"width: 0%; height: 294px;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 20.027%; height: 89px; border: 0px solid #21a6a6; text-align: left;\" colspan=\"2\">\n<h1><strong>Monthly indicators<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 48px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP ATTACK<\/strong><\/td>\n<td style=\"width: 79.973%; height: 48px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/www.euronews.com\/2021\/02\/16\/several-french-hospitals-crippled-by-cyberattacks\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Two French hospital under ransomware attacks<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 10px; border-color: #ffffff; text-align: left;\" colspan=\"2\">Ransomware attacks struck <strong style=\"font-family: inherit; font-size: inherit;\">two French hospital groups in less than a week<\/strong><span style=\"font-family: inherit; font-size: inherit;\">, prompting the transfer of some patients to other facilities but not affecting care for Covid-19 patients or virus vaccinations. <\/span>The two French hospitals were stricken with <strong style=\"font-family: inherit; font-size: inherit;\">ransomware attacks,<\/strong><span style=\"font-family: inherit; font-size: inherit;\"> and a third pre-emptively <\/span><strong style=\"font-family: inherit; font-size: inherit;\">cut connections with an IT provider<\/strong><span style=\"font-family: inherit; font-size: inherit;\">. <\/span>The Villefranche-sur-Sa\u00f4ne hospital complex in France\u2019s eastern Rhone d\u00e9partement (administrative area) announced Monday that a cyber-attack had been detected at 4:30am local time. The attack by the crypto-virus RYUK, a kind of ransomware, &#8220;strongly impacts&#8221; the Villefranche, Tarare and Tr\u00e9voux sites of the North-West Hospital.<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><span style=\"color: #333333;\"><strong>TOP EXPLOIT<\/strong><\/span><\/td>\n<td style=\"width: 79.973%; height: 21px; border-color: #ffffff; text-align: left;\"><a href=\"https:\/\/abcnews.go.com\/US\/outdated-computer-system-exploited-florida-water-treatment-plant\/story?id=75805550\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>An outdated version of Windows and a weak cybersecurity network allowed hackers to poison the Florida water treatment<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 40px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 37px; text-align: left;\" colspan=\"2\"><span style=\"font-family: inherit; font-size: inherit;\"><span style=\"font-family: inherit; font-size: inherit;\"><span style=\"font-family: inherit; font-size: inherit;\">The hacker was able to <strong style=\"font-family: inherit; font-size: inherit;\">use remote access software to raise the levels of sodium hydroxide<\/strong><span style=\"font-family: inherit; font-size: inherit;\"> in the water from about 100 parts per million to 11,100 parts per million for a few minutes, according to investigators. The FBI&#8217;s Cyber Division on Tuesday notified law enforcement agencies and businesses to warn them about the computer vulnerabilities, which led to the Bruce T. Haddock <\/span><strong style=\"font-family: inherit; font-size: inherit;\">Water Treatment Plant<\/strong><span style=\"font-family: inherit; font-size: inherit;\"> in Oldsmar being hacked on Feb. 5.<\/span><br \/>\n<\/span><\/span><\/span><span style=\"font-family: inherit; font-size: inherit;\"><span style=\"font-family: inherit; font-size: inherit;\">The plant&#8217;s computer systems were using Windows 7, which hasn&#8217;t received support or updates from Microsoft in over a year, according to the FBI.<\/span><\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><strong>TOP LEAK<\/strong><\/td>\n<td style=\"width: 79.973%; border-color: #ffffff; height: 21px; text-align: left;\"><a href=\"https:\/\/cybernews.com\/news\/largest-compilation-of-emails-and-passwords-leaked-free\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>COMB: more than 3 billion of Gmail, Hotmail, Netflix passwords have leaked<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 35px; text-align: left;\" colspan=\"2\">It\u2019s being called <strong>the biggest breach of all time<\/strong> and <strong>the mother of all breaches<\/strong>: COMB, or the Compilation of Many Breaches, contains more than 3.2 billion unique pairs of cleartext emails and passwords. While many data breaches and leaks have plagued the internet in the past, this one is exceptional in the sheer size of it. To wit, the entire population of the planet is at roughly 7.8 billion, and this is about 40% of that.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"width: 100%; height: 212px;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 1.00503%; height: 89px; border: 0px solid #21a6a6; text-align: left;\" colspan=\"2\">\n<h1><strong>Cybercrime watch<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/www.europol.europa.eu\/newsroom\/news\/ten-hackers-arrested-for-string-of-sim-swapping-attacks-against-celebrities\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Arrest,Ten hackers arrested after stealing over USD 100 million in cryptocurrencies by hijacking phone numbers<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 1.00503%; height: 23px; border-color: #ffffff; text-align: left;\" colspan=\"2\">Around 10 criminals have been <strong>arrested<\/strong> as a result of an <strong>international investigation into a series of sim swapping attacks<\/strong> targeting high-profile victims in the United States. The attacks orchestrated by this criminal gang targeted thousands of victims throughout 2020, including famous internet influencers, sport stars, musicians and their families. The criminals are believed to have <strong>stolen<\/strong> from them over <strong>USD 100 million in cryptocurrencies<\/strong> after illegally gaining access to their phones.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/www.cert.ssi.gouv.fr\/cti\/CERTFR-2021-CTI-005\/\"><span style=\"text-decoration: underline;\"><strong><span style=\"color: #21a6a6; text-decoration: underline;\">Sandworm intrusion set campaign targeting Centreon systems, impacting several French entities<\/span><\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">ANSSI has been informed of <strong style=\"font-family: inherit; font-size: inherit;\">an intrusion campaign targeting the monitoring software Centreon<\/strong><span style=\"font-family: inherit; font-size: inherit;\"> distributed by the French company CENTREON which resulted in the <\/span><strong style=\"font-family: inherit; font-size: inherit;\">breach of several French entities<\/strong><span style=\"font-family: inherit; font-size: inherit;\">. This campaign mostly affected information technology providers, especially web hosting providers.<\/span><br \/>\nOn compromised systems, ANSSI discovered the presence of a backdoor in the form of a webshell dropped on several Centreon servers exposed to the internet. This campaign bears several similarities with previous campaigns attributed to the <strong>intrusion set named Sandworm.<\/strong><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 1.00503%; height: 23px; border: 4px solid #21a6a6; text-align: left;\" colspan=\"2\"><a href=\"https:\/\/www.zdnet.com\/article\/dutch-covid-19-patient-data-sold-on-the-criminal-underground\/\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Following Emotet and Netwalker arrest, groups of cybercriminal publicity released victim&#8217;s decrytption keys<\/strong><\/span><\/a><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; border-color: #ffffff; text-align: left; width: 1.00503%;\" colspan=\"2\">Less than one month after the arrest of <strong style=\"font-family: inherit; font-size: inherit;\">Emotet and Netwalker<\/strong><span style=\"font-family: inherit; font-size: inherit;\"> networks, two cybercriminal groups known as Ziggy and Fonix announced that they were shutting down their ransomware operations and would be releasing all of the <\/span><strong style=\"font-family: inherit; font-size: inherit;\">decryption keys<\/strong><span style=\"font-family: inherit; font-size: inherit;\">. The groups mentioned concerns about recent law enforcement activity and guilt for encrypting victims. Ziggy ransomware admin indeed <\/span><strong style=\"font-family: inherit; font-size: inherit;\">posted a SQL file<\/strong><span style=\"font-family: inherit; font-size: inherit;\"> containing 922 decryption keys for encrypted victims.\u00a0For each victim, the SQL file lists three keys needed to decrypt their encrypted files.<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"width: 100%;\">\n<tbody>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 89px; text-align: left; border: 0px solid #21a6a6;\" colspan=\"2\">\n<h1><strong>Vulnerability watch<\/strong><\/h1>\n<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-1300\"><strong>CVE-2021-1300<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Cisco SD-WAN Vulnerability<\/strong><\/span><\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff;\">\n<td style=\"width: 100%; height: 23px; border-color: #ffffff; text-align: left;\" colspan=\"2\"><strong>CVSS score: 9.8 CRITICAL<\/strong><\/p>\n<p>Cisco is warning of multiple, critical vulnerabilities in its software-defined networking for wide-area networks (<a href=\"https:\/\/threatpost.com\/cisco-zero-day-anyconnect-secure-patch\/160988\/\">SD-WAN<\/a>) solutions for business users. One of them is this buffer-overflow flaw stems from incorrect handling of IP traffic; an attacker could exploit the flaw by sending crafted IP traffic through an affected device, which may cause a buffer overflow when the traffic is processed. Ultimately, this allows an attacker to execute arbitrary code on the underlying operating system with root privileges.<\/td>\n<\/tr>\n<tr style=\"border-color: #ffffff; height: 48px;\">\n<td style=\"width: 20.027%; height: 23px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-1257\"><strong>CVE-2021-1257<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 23px; border-color: #ffffff; text-align: left;\"><span style=\"color: #21a6a6;\"><b><u><strong>Cisco Digital Network Architecture CSRF Vulnerability<\/strong><\/u><\/b><\/span><\/td>\n<\/tr>\n<tr style=\"height: 60px;\">\n<td style=\"height: 23px; width: 100%; border-color: #ffffff; text-align: left;\" colspan=\"2\"><strong>CVSS score : 8.8 HIGH<\/strong><\/p>\n<p>The flaw exists in the web-based management interface of the Cisco DNA Center, which is a centralized network-management and orchestration platform for Cisco DNA. An attacker could exploit the vulnerability by socially engineering a web-based management user into following a specially crafted link, say via a phishing email or chat. If the user clicks on the link, the attacker can then perform arbitrary actions on the device with the privileges of the authenticated user.<\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 20.027%; height: 21px; border: 4px solid #21a6a6; text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-1647\"><strong>CVE-2021-1647<\/strong><\/a><\/td>\n<td style=\"width: 79.973%; height: 21px; border-color: #ffffff; text-align: left;\"><span style=\"text-decoration: underline; color: #21a6a6;\"><strong>Microsoft Defender Remote Code Execution Vulnerability<\/strong><\/span><\/td>\n<\/tr>\n<tr style=\"height: 40px;\">\n<td style=\"width: 100%; border-color: #ffffff; height: 119px; text-align: left;\" colspan=\"2\"><strong>CVSS score : 7.8 HIGH<\/strong><\/p>\n<p>It could allow an authenticated user to execute arbitrary .NET code on an affected server in the context of the SharePoint Web Application service account. In its default configuration, authenticated SharePoint users are able to create sites that provide all of the necessary permissions that are prerequisites for launching an attack.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Monthly indicators TOP ATTACK Two French hospital under ransomware attacks Ransomware attacks struck two French hospital groups in less than a week, prompting the transfer of some patients to other facilities but not affecting care for Covid-19 patients or virus&#8230;<\/p>\n","protected":false},"author":1364,"featured_media":14576,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3973,3273],"tags":[3487,3486,3405,3479,2944,2878],"coauthors":[3488],"class_list":["post-15372","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cert-newsletter","category-ethical-hacking-indicent-response-en","tag-cert-w-en","tag-cybercrime","tag-incident-response-cert-w-en","tag-indicators","tag-newsletter","tag-vulnerabilities"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CERT-W Newsletter February 2021 - RiskInsight<\/title>\n<meta name=\"description\" content=\"CERT-W February 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CERT-W Newsletter February 2021 - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"CERT-W February 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-16T15:00:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-09-14T10:54:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1641\" \/>\n\t<meta property=\"og:image:height\" content=\"1158\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"CERT-W\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"CERT-W\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/\"},\"author\":{\"name\":\"CERT-W\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca\"},\"headline\":\"CERT-W Newsletter February 2021\",\"datePublished\":\"2021-03-16T15:00:24+00:00\",\"dateModified\":\"2021-09-14T10:54:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/\"},\"wordCount\":820,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"keywords\":[\"CERT-W\",\"cybercrime\",\"incident response CERT-W\",\"indicators\",\"Newsletter\",\"Vulnerabilities\"],\"articleSection\":[\"CERT Newsletter\",\"Ethical Hacking &amp; Incident Response\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/\",\"name\":\"CERT-W Newsletter February 2021 - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"datePublished\":\"2021-03-16T15:00:24+00:00\",\"dateModified\":\"2021-09-14T10:54:38+00:00\",\"description\":\"CERT-W February 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"width\":1641,\"height\":1158},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CERT-W Newsletter February 2021\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca\",\"name\":\"CERT-W\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/cert-w\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CERT-W Newsletter February 2021 - RiskInsight","description":"CERT-W February 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/","og_locale":"en_US","og_type":"article","og_title":"CERT-W Newsletter February 2021 - RiskInsight","og_description":"CERT-W February 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/","og_site_name":"RiskInsight","article_published_time":"2021-03-16T15:00:24+00:00","article_modified_time":"2021-09-14T10:54:38+00:00","og_image":[{"width":1641,"height":1158,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","type":"image\/jpeg"}],"author":"CERT-W","twitter_misc":{"Written by":"CERT-W","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/"},"author":{"name":"CERT-W","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca"},"headline":"CERT-W Newsletter February 2021","datePublished":"2021-03-16T15:00:24+00:00","dateModified":"2021-09-14T10:54:38+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/"},"wordCount":820,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","keywords":["CERT-W","cybercrime","incident response CERT-W","indicators","Newsletter","Vulnerabilities"],"articleSection":["CERT Newsletter","Ethical Hacking &amp; Incident Response"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/","name":"CERT-W Newsletter February 2021 - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","datePublished":"2021-03-16T15:00:24+00:00","dateModified":"2021-09-14T10:54:38+00:00","description":"CERT-W February 2021 newsletter has been published to help you find the latest indicators and news on cybersecurity.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/11\/Fotolia_76258822_Subscription_Monthly_M.jpg","width":1641,"height":1158},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/03\/cert-w-newsletter-february-2021\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"CERT-W Newsletter February 2021"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/b3138a95b8559cf24bf256c8e9994eca","name":"CERT-W","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/cert-w\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15372","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1364"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=15372"}],"version-history":[{"count":2,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15372\/revisions"}],"predecessor-version":[{"id":15376,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15372\/revisions\/15376"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/14576"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=15372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=15372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=15372"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=15372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}