Latest News Latest News

Multiple Botnets Exploiting Critical Oracle WebLogic Bug — PATCH NOW

Multiple botnets are targeting thousands of publicly exposed and still unpatched Oracle WebLogic servers to deploy crypto miners and steal sensitive information from infected systems.

Read More...

Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies

An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar.

Read More...

Critical Unpatched VMware Flaw Affects Multiple Corporates Products

VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system.

Read More...

Microsoft Releases Windows Security Updates For Critical Flaws

Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day.

Read More...

Researcher Discloses Critical RCE Flaws In Cisco Security Manager

Cisco has published multiple security advisories concerning critical flaws in Cisco Security Manager (CSM) a week after the networking equipment maker quietly released patches with version 4.22 of the platform.

Read More...

Cisco warns of actively exploited IOS XR zero-days

Cisco warned on Saturday about two zero-day vulnerability impacting the Internetwork Operating System (IOS) that ships with its networking equipment.

Read More...

New Chrome 0-day Under Active Attacks – Update Your Browser Now

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.

Read More...

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices.

Read More...

India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?

The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity.

Read More...

FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks

A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. "Recent FIN11 intrusions have most commonly led to data theft, extortion and the disruption of victim networks via the distribution of CLOP ransomware".

Read More...

Most Viewed News Most Viewed News

India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?

The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity.

With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people have started relying more on technology and are busy fighting with the pandemic, the attackers now have plenty of options to target them more than ever.

Key Cybersecurity Crises in Numbers

According to ACRONIS Cyber Readiness Report 2020, 31% of companies worldwide are faced with at least one cybersecurity incident per day. However, India reported twice as many cyberattacks per day, where most of the cyberattacks comprise phishing, DDoS, video conferencing, exploiting weak services, and malware.

The phishing campaign is the most worrying attack as they attained the peak during this pandemic. Though malware hit fewer numbers, it remains a more critical issue in India – reports almost 2x times Malware issues than the global average.

Further, 39% of all organizations surveyed experienced video conferencing attack. Among them, India, Canada, Switzerland, and the UK are the most affected countries.

Coronavirus themed phishing emails and malicious websites claiming useful information on COVID-19 have emerged as the top threats to the companies. Also, 400,000 new ransomware assaults are recognized from April – June 2020 as per the report of Seqrite.

Most of these cyber-attacks were succeeded by obtaining access to a remote system by exploiting vulnerable services.

Why is India So Vulnerable to Cyberattacks?

Ignoring Internal Security Threats — Enterprises are more focused on guaranteeing business continuity with seamless operations than bridging the gaps in their remote infrastructure. If sensitive data flows between various departments without a proper monitoring and logging process, then it becomes tricky to identify the loopholes in case any attack happens.

Confronting External Threats — With the ever-increasing external threats, an organization can't be 100 % prepared. Only a few Indian companies maintain security measures in place like Web Application Firewalls to monitor external threats and stop cyberattack incidents as and when they happen.

Detectable Weak Points During Remote Work — The main weak points, which get exposed during the sudden shift to remote work include Weak Authentication Techniques, Insufficient Monitoring, and Exposed Servers (DNS, VPN, RDP, etc.)

Moreover, many employees usually ignore personal online security hygiene. With this 'work from anywhere culture,' employees begin to access their personal emails as well as social media sites on their official machine.

Overall, with the merging of the personal and work-life online, cyber-attacks can easily occur through unsecured personal accounts.

Missing Expertise in Cloud Technology — To ensure ease of accessing the data from any device and anywhere, many companies have adopted cloud technology.

However, they don't have adequate in-house resources to manage and protect APIs, SaaS, or containers. The increasing number of poorly configured cloud architectures will inevitably open doors for the attackers.

The Pandemic Landscape Demands Modern Protection

Here are the golden tips to keep you away from these recent cybersecurity incidents:

  • Train your employees in security principles
  • Be cautious with attachments, links, or text received via emails, especially with a subject line related to COVID-19
  • Frame robust remote work policy
  • Use only trusted sources like legitimate websites for up-to-date information
  • Don't disclose your financial or personal information in an email or phone calls from unknown persons
  • Encourage the use of office devices only for official purpose
  • Don't reuse passwords between different accounts and applications
  • Take data backups and store it separately
  • Use multi-factor authentication
  • Modernize your stack with Cloud-based WAF, such as AppTrana, a next-generation cybersecurity protection suite that includes vulnerability assessments, virtual patching, zero false positives, DDoS attack prevention, and many more features.

                        The Closure

In the cybersecurity space, attackers lead the learning curve, with security professionals following the lead to boost preventive measures. However, with advanced technologies, this scenario begins to change.

The next-gen threat monitoring tools and predictive analytics go beyond the rule-based system and detect cyber risks, thereby flags potential threats in a secure and faster way.

With adequate nationwide cybersecurity awareness and robust policies in place, companies should be capable of battling cyber threats effectively in the future.


Contact Us Contact Us

Free Call[OH]: 933

Phone Number: +251-993939270,

                            +251-936825343,

                            +251-944-33-68-02

E-mail: ethiocert@insa.gov.et

P.O.Box: 124498

Download PGP Keys


Report an Incident

Values Values

  • Trustworthiness
  • Innovation
  • Scientific
  • Democracy
  • Synergy
  • Saving