Security Affairs

JANUARY 16, 2022

The ransomware known as Qlocker exploits CVE-2021-28799 to attack QNAP NAS running certain versions of HBS 3 (Hybrid Backup Sync).” reads the security advisory published by the vendor. Then it also deletes snapshots to prevent restoring of data from the backups and drops a ransom note (named !!!READ_ME.txt)

Ransomware 111

Ransomware Encryption Backups Firmware 111

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks.

Ransomware 85

Ransomware Encryption Firmware Backups 85

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Implement network segmentation. Disable hyperlinks in received emails.

Passwords 64

Passwords Government Firmware Accountability 64

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. “Prima Systems FlexAir, Versions 2.3.38

Backups 56

Backups Authentication Advertising Firmware 56

Security Affairs

OCTOBER 15, 2021

RDP accesses); Exploitation of vulnerabilities affecting control systems running vulnerable firmware versions. The ransomware affected the victim’s SCADA system and backup systems. The treatment system was run manually until the SCADA computer was restored using local control and more frequent operator rounds.

Ransomware 91

Ransomware Cyber threats Firmware Backups 91

Malwarebytes

MAY 28, 2021

The first is Ransom.Sodinokibi , which Malwarebytes has already profiled and has been detecting since 2019.). Below is a list of recommended mitigations from the FBI, which it issued along with an alert on Conti ransomware late last week: Regularly back up data, air gap, and password protect backup copies offline.

Healthcare 108

Healthcare Ransomware Encryption Passwords 108

eSecurity Planet

MAY 28, 2021

Nickels suggests organizations follow this guidance: Also Read: How Zero Trust Security Can Protect Against Ransomware. Prevent Rely solely on offline backups Disallow unnecessary file sharing. From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. Old way New way. Current Target: VBOS.

Software 99

Software Firmware DNS VPN 99