November Cyber Roundup

December 12, 2017

November was another busy month as people geared up for Black Friday shopping and the pitfalls that brings to both online retailers and consumers alike. Take a look at our quick roundup of November’s cyber highlights that you may have missed.

Cloud Security

Uber Exposed
In September and October, it was the consultancy firms Deloitte and Accenture; in November, it was the taxi sharing giant, Uber. Due to hackers gaining login credentials to access stored on Uber’s AWS account, personal information of 57m customers and drivers were stolen. To make matters worse, Uber covered up the breach by paying the attackers $100k to delete the confidential documents and didn’t report it. READ MORE

Why Is This Significant?
Cloud services offer organizations great flexibility and efficiency in the way they work and manage their operations. It is important that these organizations have the right controls and measures in place however to ensure their data is safe from potential breaches in security.


Australian Government Data Leak
The Australian government has had a run of data breaches over the last year or so. In November, 50,000 government employee personal records were leaked due to a misconfigured Amazon cloud storage server that was backing up their data. The data exposed in the Amazon S3 bucket included names, email addresses, phone numbers, IDs, passwords, some credit card numbers and details of staff salaries and expenses. READ MORE

Why Is This Significant?
Amazon’s Simple Storage Service is widely used by organizations due to its flexibility and low cost. While Amazon maintains security recommendations that all S3 users should follow, not all do. It is crucial that organizations understand and implement the recommendations to keep their data safe from public viewing.


PC Security

Black Friday Shopping
Bargain hunters were at risk from cyber-criminals targeting online shoppers enjoying the run up to the Black Friday and Christmas holidays shopping season. Researchers at Check Point recently discovered that criminals have a new way to trick merry online shoppers via the massively popular AliExpress shopping portal. After discovering the vulnerability, Check Point Researchers immediately informed AliExpress who, due to their very serious approach to cybersecurity, took swift action and fixed it within two days of notification. READ MORE

Why Is This Significant?
Due to the large amount of financial data, both on the retailer and customer front, online retail is one of the most targeted industries for cyber-criminals. Consumers should always be on high alert for suspicious activity or requests while shopping online and ensure they are following secure guidelines when shopping online. In addition, they should have a solid anti-virus package, such as Zone Alarm, installed on their PC to keep them protected at all times.


Ordinrypt Ransomware Targets German Businesses
German businesses were targeted in November by the Ordinypt wiper ransomware, in the guide of fake job applicants inquiring about possible vacancies. The malware is vicious as instead of locking up the victim’s files, it simply wipes them with a random ‘garbage’ file and deletes the original file afterwards. Ordinrypt was hidden in attachments named ‘Viktoria Henschel’, which were supposedly a JPG image of the woman sending a resume, and a ZIP file containing the resume and a curriculum vitae. READ MORE

Why Is This Significant?
Similar to NonPetya, the fake ransomware that hit the Ukraine earlier this year, Ordinrypt is a wiper malware that disguises itself as a ransomware attack, demanding payment to a random bitcoin wallet. The damage caused is much worse though, as the victim’s files are irretrievable. It is vital that businesses protect themselves against suspicious attachments and have software in place to scan potential hazards before it is too late.



Mobile Attack Report
Every business has experienced at least one mobile cyberattack in the past year, according to a new study published today by Check Point mobile threat researchers. The report, entitled Mobile Cyberattacks Impact Every Business, is the first study to document the volume and impact of mobile attacks across corporate and public enterprise environments. READ MORE

Why Is This Significant?
Key findings of the mobile security report show that every company is under some form of attack. The most affected industries are financial services and government. The most mobile attacks occur on businesses in the Americas and although the majority of attacks are on Android devices, iOS devices are not immune to breaches. All business leaders would do well to read this report and understand the risks they face.




  • Check Point Research Publications
  • Global Cyber Attack Reports
  • Threat Research
February 17, 2020

“The Turkish Rat” Evolved Adwind in a Massive Ongoing Phishing Campaign

  • Check Point Research Publications
August 11, 2017

“The Next WannaCry” Vulnerability is Here

  • Check Point Research Publications
January 11, 2018

‘RubyMiner’ Cryptominer Affects 30% of WW Networks