Macro News
[Gartner 2021 global data center infrastructure spending will grow by 6%] Although spending will drop by 10% in 2020, the data center market will rebound in the next four years. According to Gartner’s latest forecast, end-user spending on global data center infrastructure is expected to reach US$200 billion in 2021, an increase of 6% over 2020. Although due to cash flow restrictions during the COVID-19 pandemic, data center spending will fall by 10.3% in 2020, the data center market is still expected to grow year-on-year, and this situation will continue until 2024. Naveen Mishra, senior research director at Gartner, said: “For most companies, the first priority in 2020 is to stay operational, so data center spending growth is usually delayed until the market enters a recovery period. Gartner predicts that large enterprise data center sites There will be a temporary pause, and the expansion plan will be resumed later this year or early next year. However, due to continued investment in public clouds, hyper-scale computing companies will continue to implement global expansion plans."
[hacker crisis! South Korea launched a new type of supply chain cyberattack] Recently, South Korea launched a new type of supply chain hacking attack that abused legitimate security software and stolen digital certificates to distribute remote management tools on target systems ( RAT). Although the scope of the attack is limited, it uses WIZVERA VeraPort, which is called "a program designed to integrate and manage installation procedures related to online banking", such as digital certificates issued by banks for individuals and businesses to ensure all transactions and Process safety. In addition to using the aforementioned techniques for installing security software to distribute malware from legitimate but compromised websites, the attackers also used illegally obtained code signing certificates to sign malware samples, one of which was issued to a branch in the United States. Guo Shenghua, a well-known international white hat hacker and founder of the Eastern Alliance, revealed: "The attacker disguised the Lazarus malware samples as legitimate software. These samples have file names, icons and resources similar to legitimate Korean software. This is the website under attack and WIZVERA. The combination of VeraPort support and specific VeraPort configuration options that allow attackers to perform this attack."
[U.S. Senate passes the Networking Device Security Act: signed by the President] According to foreign media reports, the U.S. Senate unanimously passed bipartisan legislation this week --"The Internet of Things Cybersecurity Improvement Act" to improve the network security of networked devices. The law proposal will require private agencies that provide equipment to the federal government to notify relevant agencies when there are vulnerabilities in networked devices that may make the government vulnerable. The law stipulates that all Internet-connected devices such as computers and mobile devices purchased by the federal government must comply with the minimum security recommendations issued by the National Institute of Standards and Technology. It is reported that the bill was introduced in the Senate by the co-founders of the Senate Cyber Security Caucus, Democratic Senator Mark Warner of Virginia and Senator Cory Gardner, Republican of Colorado, and they all congratulated the passage of the bill.
Security News
[Internal documents discussing anti-EU sanctions were leaked, Google CEO apologized] In response to a leaked internal document, Google’s parent company Alphabet CEO Sundar Pichai (Sundar Pichai) asked the European Commissioner for Industrial Policy Thierry Breton apologized. This document proposes to counter the European Union’s new tough rules for Internet companies and suggests lobbying the European Commissioner. According to a statement from the European Commission, Pichai and Breton exchanged views in a video conference late Thursday local time. This is also their third meeting this year. This video conference was held after this Google document was leaked. This internal Google document outlines a 60-day strategy aimed at preventing the introduction of tough new EU rules against Internet companies by allowing American allies to counter Breton. The video conference was initiated by Google. Before the meeting, Breton showed Pichai the leaked document.
[Hack the Building: Network exercise sponsored by the US Cyber Command] Starting from November 16, 2020, the Maryland Institute for Innovation (MISI) and its DreamPort program and sponsor US Cyber Command will be held, focusing on various types of Facility control system cyber security and critical infrastructure cyber security cyber exercises. The event called Hack the Building 2020 will be attended by 45 offensive and defensive teams from industry, academia, civil affairs agencies and the Ministry of National Defense. The entire event will be held from November 16th to 19th and will be broadcast live on Twitch. Teams will compete on the spot: infiltrate, destroy or take over the intelligent systems in the building. (Buildings, nouns, namely buildings, buildings)
[ransomware Egregor prints ransom information through printers] Recently, Chile-based multinational retail company Cencosud was attacked by Egregor ransomware, which affected the normal services of its stores. Over the weekend, Centosud was attacked by ransomware, which encrypted devices in the entire retail store and affected the company's normal operations. One of the stores in Buenos Aires put up a prominent slogan reminding customers that due to technical problems, it does not accept Cencosud credit card payments, returns, or orders online. Judging from the ransom information, the attack was initiated by the Egregor ransomware and targeted the Cencosud domain. According to people familiar with the matter, printers in many stores in Chile and Argentina started printing ransom messages after the devices were encrypted.
[Capcom admitted to data breach and disclosed details] Recently, Japanese gaming giant Capcom was attacked by ransomware. Attackers stole customer information and employee information. On November 16, local time, Capcom issued a data breach announcement, acknowledging that the attack not only resulted in the theft of confidential company documents, but also the theft of customer and employee data. During the attack, the hacker can access the customer's name, address, gender, phone number, email address, date of birth, investor name, holdings and photos. The information exposed by employees may include name, address, passport information, signature, birthday, phone number, photo, email address, etc. Capcom pointed out that the third-party service provider did not process any credit card information or payment transactions.
[Many “inner ghosts” in Yuantong rented employee accounts for a fee, and 400,000 pieces of personal information of citizens were leaked] Recently, the news of “400,000 pieces of personal information leaked by ghosts in Yuantong” spread. YTO Express responded to this, saying that the investigation found that two accounts of affiliated outlets in Hebei province had abnormal queries on the waybill information of the outlets. It is suspected that individual employees of the affiliated outlets colluded with external criminals and used employee accounts and illegal third-party tools to steal The information on the waybill led to the leakage of the information, and the suspect was arrested in September. According to Wang Qiudong, leader of the Anti-fraud Center of the Public Security Bureau of Handan Yongnian District, the suspect Ma Moujie hired Zhang Mouxing and Gao Mouqiao to rent an internal employee system account of a logistics company at a daily cost of 500 yuan. Gang members Guo Mou and Du Moulong Log in and rent the system account of Zhao Xing and others to enter the logistics system and export the courier information. Gang member Zhu Mozhao sorts out the stolen courier information and gives it to his associate Lu Moushuo. Lu Moushuo also sold to areas with high incidence of telecommunications fraud across the country and Southeast Asia through WeChat and QQ.