Helping MSPs lead the way in cyber protection
#CyberFit Summit Schaffhausen
Acronis highlights the last spectacular November Cyber Incident

Hot News from Cyber Protection Operation Center
CPOC News Playlist with all the most actual news from Cyber Protection Operation Center. Spend just 10 minutes to get equipped for the next partner’s call!
1. Hive ransomware compromised the MediaMarkt retailer in Europe and demanded USD 240 million in ransom. Acronis Cyber Protect does protect against any kind of ransomware and prevents expensive business disruptions, keeping you ready for business.
2.Microsoft has released its monthly Patch Tuesday patches. This month has six zero-day patches and 55 total vulnerabilities being fixed. Acronis Cyber Protect’s built-in patch management makes patching these monthly patch lists easy.
3. German medical software provider, Medatixx, who supports over 21,000 medical facilities with their software and services, was the victim of a ransomware attack that encrypted critical IT systems. It is currently not known what confidential data may have been accessed by the attacker. Acronis Cyber Protect keeps your data and systems safe by detecting and blocking the behaviors ransomware exhibits.
4. NPM libraries are increasingly being targeted to distribute malware. Recently, two NPM libraries with 22 million cumulative weekly downloads were found to be distributing DanaBot malware. Acronis Cyber Protect recognizes and stops malware like DanaBot based on malicious behaviors.
5. Void Balaur has been using phishing to steal emails, and even full email boxes, from government officials and other high-profile victims around the world. Acronis Advanced Email Security scans all incoming emails for phishing and other malicious content, preventing users from ever seeing these malicious emails in the first place.
Video link to Cyber Protection Operation’s Center update on this topic
• The electronics retailer MediaMarkt and some of the Saturn stores were hit by Hive ransomware. They have over 1,000 shops in 13 European countries and over 53,000 employees, with a revenue of over 20 billion Euros last year.
• They had to disable payment terminals in the shops, which affected stores in the Netherlands, Germany, Luxembourg, Belgium, Austria and Switzerland.
• The Hive ransomware page indicates an initial ransom of USD 240 million in Bitcoin, but others report of a negotiation of 50 million at the end.
• Acronis Cyber Protect does protect against any kind of ransomware, with its included Active Protection, and prevents expensive business disruptions, keeping you ready for business.

Video link to Cyber Protection Operation’s Center update on this topic
• Microsoft has released their monthly list of patches which includes patches for Microsoft Exchange and Microsoft Excel.
• In total, there were six zero-days being patched and 55 total flaws. Twenty of these vulnerabilities allow for the elevation of privilege.
• Products affected by these patches include Azure, Office, Exchange Server, Windows Defender, and Chromium-based Edge browser.
• Do you need to apply large amounts of patches quickly and safely? Acronis Cyber Protect’s built-in patch management allows you to keep your Microsoft software up to date with ease.
Video link to Cyber Protection Operation’s Center update on this topic
• Medatixx, the German medical software provider whose solutions and software support over 21,000 medical facilities, more than 40,000 physicians, and their staff, has become the victim of a ransomware attack that brought their operations to a halt.
• The company claimed that the attack encrypted important parts of their IT systems, severely impairing access and company operations, but indicated that the damage did not reach their customers and did not impact their PVS (practice management systems). It is currently unknown whether the attacker was able to access or steal any critical or confidential data, including that belonging to customers, physicians, or patients.
• Despite containing the attack internally, Medatixx is advising any users of their products to immediately change their passwords as a precautionary measure. As of November 10th, the company is still recovering from the attack, and has only been able to restore email and telephone access.
• When ransomware hits, Acronis Cyber Protect keeps your systems and data safe with the included Active Protection to identify and block the behaviors of ransomware before your systems are encrypted or data is lost.
Video link to Cyber Protection Operation’s Center update on this topic
• The JavaScript package manager, known as NPM, has been found to have malware hidden in two popular libraries.
• Combined, the two libraries, Coa and RC, have cumulative weekly downloads of nearly 22 million..
• Each library was hiding the password-stealing malware DanaBot. The malware is suspected to have been snuck into these libraries by unauthorized access to each developer’s account.
• Regardless if malware is hidden in a supply chain attack. Once malware like DanaBot is activated, it follows a set pattern of behaviors that Acronis Cyber Protect’s behavior engine recognizes and stops.

Video link to Cyber Protection Operation’s Center update on this topic
• The cybermercenary group known as Void Balaur has been collecting data, a lot of it, and selling it to anyone willing to pay.
• In addition to seeking out large or interesting data collections, they have been targeting high profile victims, like government officials, in countries around the world.
• Void Balaur seems to use phishing to collect user credentials, and then uses those credentials to steal all of the data they can get from the victim’s email box. In some cases, the group has offered up full dumps of email boxes for sale.
• Acronis Advanced Email Security scans all incoming emails for phishing and other malicious content, preventing users from ever seeing these malicious emails in the first place.