Last Updated on December 9, 2020

Here we are! The first timeline of November is here, covering the main cyber attacks occurred in the first half of the same month (as usual with some additional events that were disclosed in the considered period). In this timeline I have collected 100 events, but this number also includes multiple ransomware events that occurred during the Summer, and came to my attention only now. In any case November has shown a trend inversion in comparison with the previous timelines.

Ransomware continues to dominate the threat landscape, and also thanks to the previously undisclosed events, characterize directly or indirectly 41 out of 100 events, and yes, unfortunately the list of the high-profile victims continues to grow. Another list that continues to grow is the one of the mega breaches: this timeline is no exception and a threat actor in particular, ShinyHunters, seems to be very active.

Another aspects that characterize this timeline is the massive exploitation of 0-day vulnerabilities: Google released three Chrome updates, but also Oracle and Apple had to release several security patches to address multiple vulnerabilities actively exploited in the wild (respectively for WebLogic, Solaris, and iOS).

And where there are vulnerabilities, there are state-sponsored actors: in particular one of these actors (dubbed UNC1945) was quite busy in exploiting the Solaris (CVE-2020-14871) vulnerability. In any case the most relevant cyber espionage event of this timeline is probably the discovery made by Microsoft of three threat groups – Strontium (AKA APT28, Fancy Bear), Zinc (AKA Lazarus Group), Cerium – targeting (unsurprisingly) at least seven prominent companies involved in COVID-19 vaccines research and treatments. Of course they are not the only ones in the list as you will soon discover.

As always, the details are in the timeline! Thanks for sharing it and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.