The internal networks of Lithuania’s National Center for Public Health (NVSC) and several municipalities have been infected with Emotet following a large campaign targeting the country’s institutions.
T-Mobile states that the breach did not expose account holders’ names, physical addresses, email addresses, financial data, credit card details, social security numbers, tax IDs, passwords, or PINs.
FireEye has named the threat actor “UNC2452,” and Volexity dubbed the threat actor “Dark Halo,” stating that the actor is the same as UNC2452, though FireEye has not substantiated that claim.
The unprecedented cyber attack on U.S. government agencies reported this month may have started earlier than last spring as previously believed, a U.S. senator involved in cybersecurity said.
In an update posted late last night, CISA said that all US government agencies that still run SolarWinds Orion platforms must update to the latest 2020.2.1HF2 version by the end of the year.
The files DataBreaches.net saw contain a lot of operational files and documents, including human resources files involving named personnel who were tested for COVID-19 and their test results.
Security consulting firm Cerberus Cyber Sentinel Corporation has acquired penetration testing company Alpine Security to beef up its penetration testing and regulatory compliance offerings.
The attack uses three files: a dropper script (bash or PowerShell), a Golang binary worm, and an XMRig Miner—all of which are hosted on the same command and control server.
While in 2020 organizations were focused on adapting existing technology to borderless and disconnected environments, we will see a massive shift to cloud-native solutions in 2021.
According to security experts, about one in 20 web servers could be vulnerable to cross-layer and DNS poisoning attacks due to a flaw in the Linux kernel. The flaw also affects millions of Android devices.