Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. ” continues Kaspersky.

VPN 103

VPN Ransomware Antivirus Firmware 103

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. • Install and regularly update antivirus and anti-malware software on all hosts.

Passwords 69

Passwords Government Firmware Accountability 69

Security Affairs

MAY 19, 2023

Infected devices were used for multiple malicious activities, including traffic redirections through mobile proxies, info-stealing, click fraud, and social media and online messaging accounts and monetization via advertisements. Threat actors compromised third-party software or the installation of malware-laced firmware.

Mobile 92

Mobile Advertising Malware Cybercrime 92

eSecurity Planet

FEBRUARY 15, 2022

Implement network segmentation , “such that all machines on your network are not accessible from every other machine” Update antivirus software on all hosts and enable real-time detection. Update and patch operating systems, software, and firmware as soon as updates and patches are released.

Ransomware 117

Ransomware Encryption Backups Accountability 117

eSecurity Planet

MARCH 1, 2023

You need to have a reasonable level of trust in the devices connecting to any network, so any policies you can set to require things like antivirus , updated operating systems and VPNs will protect both the network and its users. Limiting use of a device’s administrator account where possible for greater personal device security.

Wireless 89

Wireless Encryption Authentication IoT 89

SecureList

MARCH 1, 2021

Users attacked by adware in 2018 through 2020 ( download ). The manufacturer of the mobile device preloads an adware application or a component with the firmware. In particular, advertisers can display targeted offerings, and attackers can access accounts with various services, such as online banking. Attacks on personal data.

Mobile 132

Mobile Malware Adware Banking 132

SecureList

OCTOBER 25, 2023

This archive is discreetly hosted on legitimate websites, cleverly disguised as firmware binaries for enigmatic devices labeled “m100” The Bitbucket repository was created on June 21, 2018, under the account of Julie Heilman, and it remains the sole repository associated with this profile. onion ghtyqipha6mcwxiz[.]onion

Malware 107

Malware DNS Encryption Cryptocurrency 107