2014, Firewall and Passwords - Cyber Security Informer

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

APRIL 26, 2020

Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.

Firewall

Firewall Passwords Accountability Advertising

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked. It was designed to download payloads intended to exfiltrate XG Firewall-resident data. Passwords associated with external authentication systems such as AD or LDAP are unaffected.

Firewall

Firewall Ransomware Passwords VPN

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

million settlement in a multi-state investigation of the data breach that the company suffered in 2014. million settlement over the 2014 data breach. In 2014, Home Depot revealed that the data breach impacted 56 million customers across the US and Canada. Retail giant Home Depot has agreed to a $17.5 ” . .

Retail

Retail Data breaches Penetration Testing Password Management

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

The Top 5 Website Security News Stories of 2014

SiteLock

AUGUST 27, 2021

What can we learn when we look at the news from the website security landscape of 2014? Heartbleed was perhaps the most infamous web security exploit of 2014. A member of Google’s Security Team, Neel Mehta , discovered the bug in April 2014. What we also typically do is look to the past year to see what we can learn. Heartbleed.

Firewall

Firewall Cyber Attacks Education Hacking

Sophos fixed a critical vulnerability in Cyberoam firewalls

Security Affairs

OCTOBER 10, 2019

A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password.

Firewall

Firewall VPN Passwords Internet

Threat actors target WordPress sites using vulnerable File Manager install

Security Affairs

SEPTEMBER 11, 2020

The security firm confirmed the ongoing attack, its Web Application Firewall blocked over 450,000 exploit attempts during the last several days. The Wordfence firewall has blocked over 450,000 exploit attempts targeting this vulnerability over the past several days. This threat actor is using a consistent password across infections.

Firewall

Firewall Passwords Advertising Malware

Imperva data Breach: WAF customers’ data exposed

Security Affairs

AUGUST 27, 2019

Security firm Imperva revealed it has suffered a data breach that affecting some customers of its Cloud Web Application Firewall (WAF) product. Cybersecurity firm Imperva disclosed a data breach that has exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula.

Data breaches

Data breaches Firewall Passwords Advertising

HP Device Manager flaws expose Windows systems to hack

Security Affairs

OCTOBER 4, 2020

I strongly advise you, firstly, to log on to all servers running HP Device Manager and set a strong password for the "dm_postgres" user of the "hpdmdb" Postgres database on TCP port 40006 1/4 — Nicky Bloor (@nickstadb) September 29, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Accountability Passwords InfoSec

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). Microsoft says it’s recorded a massive increase in XorDDoS activity (254 percent) in the last six months. MMD believed the Linux Trojan originated in China.

Malware

Malware IoT DDOS DNS

Imperva explains how hackers stole AWS API Key and accessed to customer data

Security Affairs

OCTOBER 14, 2019

Imperva shared details on the incident it has recently suffered and how hackers obtain data on Cloud Web Application Firewall (WAF) customers. In August, cybersecurity firm Imperva disclosed a data breach that exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula.

Firewall

Firewall Passwords Accountability Data breaches

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

JUNE 29, 2020

” Unfortunately, most organizations often neglect the protection of RDP accesses and workers use easy-to-guess passwords and with no additional layers of authentication or protection. Require strong and complex passwords for all accounts that can be logged into via RDP. Use an additional layer of authentication ( MFA/2FA ).

Passwords

Passwords Internet Internet Advertising

Black Friday: The Time for Closeouts, Rollbacks and Cyberattacks

SiteLock

AUGUST 27, 2021

In 2014, attackers primarily used command-injection attacks, such as SQL injection during the holiday season. While SQL injection was popular last season, two weeks before Black Friday, attackers switched to password guessing, which ended up accounting for half of all attacks. Leave it to cybercriminals to keep us all guessing.

Retail

Retail Passwords Firewall Accountability

SonicWall warns users of “imminent ransomware campaign”

Malwarebytes

JULY 15, 2021

It sells a range of Internet appliances primarily directed at content control and network security, including devices providing services for network firewalls, unified threat management (UTM), virtual private networks (VPNs), and anti-spam for email. SRA 4200/1200 (EOL 2016) disconnect immediately and reset passwords. Devices at risk.

Ransomware

Ransomware Firmware VPN Firewall

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

If these services are required, use strong passwords or Active Directory authentication. Enforce a strong password policy and implement regular password changes. Enable a personal firewall on agency workstations, configured to deny unsolicited connection requests. the extension matches the file header).

Malware

Malware Government Passwords System Administration

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

If these services are required, use strong passwords or Active Directory authentication. Enforce a strong password policy and implement regular password changes. Enable a personal firewall on agency workstations, configured to deny unsolicited connection requests. the extension matches the file header).

Malware

Malware Passwords Advertising Antivirus

US CISA report shares details on web shells used by Iranian hackers

Security Affairs

SEPTEMBER 16, 2020

The report also analyzed a PowerShell shell script that is part of the KeeThief open-source project, which allows the adversary to access encrypted password credentials stored by the Microsoft “KeePass” password management software. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Passwords Advertising Password Management

Convert Plus WordPress plugin flaw allows hackers to create Admin accounts

Security Affairs

MAY 30, 2019

” The hack allows to create a new admin account with a randomized password, but it is not a problem because the attacker can use a classic password reset procedure to change the password too. Firewall rule released for Premium users. June 27 – Planned date for firewall rule’s release to Free users.

Accountability

Accountability Firewall Passwords Advertising

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

The malware is able to steal sensitive information (a variety of credentials, including FTP credentials, stored email passwords, passwords stored in the browser, as well as a whole host of other credentials) . If these services are required, use strong passwords or Active Directory authentication. Pierluigi Paganini.

Malware

Malware Passwords Advertising Antivirus

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security Affairs

SEPTEMBER 6, 2020

Set up a Web Application Firewall to block suspicious and malicious requests from reaching the website. Require strong administrative passwords(use a password manager for best results) and enable two-factor authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

eCommerce

eCommerce Malware Encryption Advertising

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

Security Affairs

MARCH 22, 2020

Exposed data include hashtype , leak year, password (hashed, encrypted or plaintext, depending on the leak), email, email domain, and source of the leak (i.e. The firewall was temporarily disabled for roughly 10 minutes during the migration, which allowed the search engine to index the database. Adobe, Last. Pierluigi Paganini.

Data breaches

Data breaches DNS Advertising Engineering

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

Change the default username and passwords for all network devices, especially IoT devices. If the device’s default username or password cannot be changed, ensure the device(s) providing Internet access to that device has a strong password and a second layer of security, such as multi-factor authentication or end-to-end encryption.

DDOS

DDOS IoT Internet Internet

Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins

Security Affairs

JANUARY 16, 2020

. “ we found that the InfiniteWP Client and WP Time Capsule plugins also contain logical issues in the code that allows you to login into an administrator account without a password.” The plugins are affected by logical issues that could allow attackers to log in as administrators without providing any password.

Passwords

Passwords Advertising Authentication Backups

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. It uses a list of hardcoded username/password combinations to login into devices in the attempt to access systems using weak or default credentials. “We have also listed the current vulnerabilities EnemyBot uses.

Malware

Malware DDOS IoT Cybercrime

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

To increase the complexity of hacking your device, always get to know who is calling your APIs, by using a simple access authentication (user/password) or an API key (asymmetric key). OAuth is a magical mechanism which prevents you from having to remember 10,000 passwords. API Firewalling. Don’t communicate with strangers.

Authentication

Authentication Firewall Encryption Passwords

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password. Experts also recommend to access admin endpoints only through firewall or VPN gateway. ” concludes the experts. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Advertising VPN

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

Also, there is no firewall by default.” ” Experts also reported the use of predefined passwords for admin accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. It only listens to the loopback interface.”

Accountability

Accountability Advertising Software Authentication

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

It is essential to install firewall and antivirus software on your routers and keep them up-to-date. Use Strong Passwords. Most people are comfortable with the default password of their internet connecting device and assume it to be secure. It is recommended to keep changing your device password every now and then.

Hacking

Hacking VPN Internet Internet

Some Zyxel devices can be hacked via DNS requests

Security Affairs

SEPTEMBER 4, 2019

“A DNS request can be made by an unauthenticated attacker to either spam a DNS service of a third party with requests that have a spoofed origin or probe whether domain names are present on the internal network behind the firewall,” reads the advisory published by the experts. Pierluigi Paganini. SecurityAffairs – Zyxel, hacking).

DNS

DNS Hacking Firmware Wireless

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Security Affairs

AUGUST 31, 2019

Ares bot also scans for both other Android systems running Telnet services and attempt to crack passwords protecting them. Companies are advised to implement firewalls or other security solutions, or segment local networks, so any infected device doesn’t have access to critical systems. ” continues the analysis.

IoT

IoT Passwords Advertising Malware

How to defend your website against card skimmers

Malwarebytes

NOVEMBER 22, 2021

Cybercriminals don’t break into websites one by one, using their best guess to figure out your password like they do in the movies. If your computer has malware on it, it doesn’t matter how secure your website is, because criminals can just steal your password or login in to your website from your computer, pretending to be you.

Passwords

Passwords Software Internet Internet

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Use a firewall. Change the default password. Most printers have default administrator usernames and passwords. Change it to a strong, unique password in the utility settings of your printer and make sure print functions require log on credentials. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking IoT Firmware Internet

Home Depot Data Breach Settlement: 5 Things It Must Do Now

SecureWorld News

DECEMBER 1, 2020

The Home Depot recently reached a multi-state agreement which settles an investigation into a 2014 data breach. In 2014, hackers accessed the company's network and installed malware to the self-checkout point-of-sale system. The data breach compromised payment card information of roughly 40 million customers. million to 46 U.S.

Data breaches

Data breaches Penetration Testing Password Management Information Security

Malware campaign uses multiple propagation methods, including EternalBlue

Security Affairs

APRIL 12, 2019

. “Instead of directly sending itself into all the systems connected, the remote command changes the firewall and port forwarding settings of the infected machines, setting up a scheduled task to download and execute an updated copy of the malware.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Cryptocurrency Passwords Advertising

Dozens of Linksys router models leak data useful for hackers

Security Affairs

MAY 18, 2019

The devices continue to leak the information even when their firewall is turned on. The issue discovered by the expert, in fact, could be used by attackers to discover if the vulnerable routers are still using default administrative passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless IoT DNS Advertising

ZoneAlarm forum site hack exposed data of thousands of users

Security Affairs

NOVEMBER 11, 2019

The ZoneAlarm suite includes antivirus software and firewall solutions to and users and small organizations, it has nearly 100 million downloads. The company sent a data breach notification mail to forum users urging them to change their forum account passwords. You will be requested to reset your password once joining the forum.”

Hacking

Hacking Data breaches Passwords Advertising

CISA says federal agency compromised by malicious cyber actor

Security Affairs

SEPTEMBER 25, 2020

. “By leveraging compromised credentials, the cyber threat actor implanted sophisticated malware—including multi-stage malware that evaded the affected agency’s anti-malware protection—and gained persistent access through two reverse Socket Secure (SOCKS) proxies that exploited weaknesses in the agency’s firewall.”

VPN

VPN Malware Cyber threats Accountability

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Additionally, no firewall rules, port forwarding rules, or DDNS setup are required on the router, which makes this option convenient also for non-tech-savvy users.” The “P2P Cloud” feature bypasses firewalls and effectively allows remote connections into private networks. ” reads the report published by SEC Consult. !

Surveillance

Surveillance Hacking Firmware Manufacturing

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

“ Attackers can easily obtain default passwords and identify internet-connected target systems. Passwords can be found in p roduct documentation and compiled lists available on the Internet.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DDOS

DDOS Hacking Internet Internet

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

APRIL 2, 2020

Below some mitigations recommended by the Microsoft Defender Advanced Threat Protection (ATP) Research Team to reduce risk from threats that exploit gateways and VPN vulnerabilities: Apply all available security updates for VPN and firewall configurations. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware VPN Healthcare Cyber Attacks

Key Takeaway from the Colonial Pipeline Attack

Cisco Security

MAY 24, 2021

Average fuel prices rose to their highest since 2014 and President Joe Biden declared a state of emergency to allow additional transport of fuel by road to alleviate shortages. Cybercriminal groups such as DarkSide rely on weak passwords to gain access to an organization’s network and critical systems. Isolate your OT and IT networks.

Firewall

Firewall IoT DNS Cyber Attacks

Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records

Security Affairs

MARCH 22, 2020

Exposed data include hashtype , leak year, password (hashed, encrypted or plaintext, depending on the leak), email, email domain, and source of the leak (i.e. The firewall was temporarily disabled for roughly 10 minutes during the migration, which allowed the search engine to index the database. Adobe, Last. Pierluigi Paganini.

Data breaches

Data breaches DNS Advertising Engineering

CookieMiner Mac Malware steals browser cookies and sensitive Data

Security Affairs

JANUARY 31, 2019

“It also steals saved passwords in Chrome. Like DarthMiner, the malware leverages on the EmPyre backdoor as a post-exploitation agent, it checks if the Little Snitch firewall is running on the target host and aborts installation if it does. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Cryptocurrency Authentication Advertising

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Security Affairs

MAY 11, 2020

To maximize your network security, always protect your router with a unique password and use an encrypted network. The firewall should also be enabled on all devices in the loop. The employees must use either face recognition or fingerprint recognition, along with their passwords, to get access to their accounts.

Encryption

Encryption Data breaches Advertising Passwords

Flaws in Siemens SPPA-T3000 control system expose power plants to hack

Security Affairs

DECEMBER 13, 2019

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. This could stop electrical generation and cause malfunctions at power plants where vulnerable systems are installed.” Pierluigi Paganini. SecurityAffairs – Siemens SPPA-T3000, hacking).

Hacking

Hacking Advertising Firewall Technology

Hackers exploit SQL injection zero-day issue in Sophos firewall

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Webinars

Trending Sources

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Webinars

The Top 5 Website Security News Stories of 2014

Sophos fixed a critical vulnerability in Cyberoam firewalls

Threat actors target WordPress sites using vulnerable File Manager install

Imperva data Breach: WAF customers’ data exposed

HP Device Manager flaws expose Windows systems to hack

Massive increase in XorDDoS Linux malware in last six months

Imperva explains how hackers stole AWS API Key and accessed to customer data

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Black Friday: The Time for Closeouts, Rollbacks and Cyberattacks

SonicWall warns users of “imminent ransomware campaign”

US govt agencies share details of the China-linked espionage malware Taidoor

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

US CISA report shares details on web shells used by Iranian hackers

Convert Plus WordPress plugin flaw allows hackers to create Admin accounts

CISA’s advisory warns of notable increase in LokiBot malware

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins

EnemyBot malware adds new exploits to target CMS servers and Android devices

API Security and Hackers: What?s the Need?

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

5 Ways to Protect Yourself from IP Address Hacking

Some Zyxel devices can be hacked via DNS requests

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

How to defend your website against card skimmers

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Home Depot Data Breach Settlement: 5 Things It Must Do Now

Malware campaign uses multiple propagation methods, including EternalBlue

Dozens of Linksys router models leak data useful for hackers

ZoneAlarm forum site hack exposed data of thousands of users

CISA says federal agency compromised by malicious cyber actor

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Key Takeaway from the Colonial Pipeline Attack

Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records

CookieMiner Mac Malware steals browser cookies and sensitive Data

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Flaws in Siemens SPPA-T3000 control system expose power plants to hack

Stay Connected