2019, Firmware, Information Security and Ransomware

HelloKitty ransomware gang targets vulnerable SonicWall devices

Security Affairs

JULY 18, 2021

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL).

Ransomware

Ransomware Firmware Mobile InfoSec

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

SonicWall has issued an urgent security alert to warn customers of “ an imminent ransomware campaing ” targeting EOL equipment. SonicWall has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL). x firmware versions.

Firmware

Firmware Ransomware Passwords Mobile

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors. A newly variant of the eCh0raix ransomware is able to infect Network-Attached Storage (NAS) devices from Taiwanese vendors QNAP and Synology. ” reads the report published by Palo Alto Researchers.

Ransomware

Ransomware Encryption Firmware Passwords

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt reads the security advisory published by the vendor.

Ransomware

Ransomware Encryption Backups Firmware

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

AUGUST 12, 2019

Canon DSLR Camera Infected with Ransomware Over the Air. A researcher discovered 6 flaws in the image transfer protocol used in Canon EOS 80D DSLR cameras that allow him to infect the device with ransomware over the air. An attacker could exploit the flaw to compromise the device and install ransomware on the camera.

Firmware

Firmware Ransomware Wireless Encryption

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks.

Ransomware

Ransomware Encryption Firmware Backups

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. And this isn’t just limited to ransomware attacks.

Education

Education Ransomware Phishing Passwords

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. The Cring ransomware appeared in the threat landscape in January, it was first reported by Amigo_A and the CSIRT team of Swisscom. The #CRING #ransomware is then downloaded via certutill.

VPN

VPN Ransomware Antivirus Firmware

Three more ransomware attacks hit Water and Wastewater systems in 2021

Security Affairs

OCTOBER 15, 2021

A joint cybersecurity advisory published by US agencies revealed that three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA revealed three more attacks launched by Ransomware gangs against US water and wastewater treatment facilities (WWS) this year.

Ransomware

Ransomware Cyber threats Firmware Backups

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare

Healthcare Ransomware Encryption Passwords

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage. The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox and other Small Office/Home Office (SOHO) network devices.

Malware

Malware Firmware Architecture Firewall

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. .” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

IoT

IoT DNS Manufacturing Firmware

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances. CVE-2019-19781 enabled the actors to execute directory traversal attacks.[ CVE-2019-19781 enabled the actors to execute directory traversal attacks.[

Government

Government VPN Firmware Energy and Utilities

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs

APRIL 12, 2022

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage. The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox, Small Office/Home Office (SOHO) network devices, and ASUS router models.

Firmware

Firmware Malware Cybersecurity Hacking

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage. The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox, Small Office/Home Office (SOHO) network devices, and ASUS router models.

Malware

Malware Government Firmware Firewall

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

Security Affairs

NOVEMBER 10, 2019

Information Risk Management (IRM) recently published its 2019 Risky Business Report. The IRM report presumably referred to an August 2019 incident involving ransomware that corrupted all the audio files associated with a Christian station.

Risk

Risk Cybersecurity Artificial Intelligence Education

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Last week’s RSA Conference covered a litany of network security vulnerabilities, from developing more robust tokenization policies and to addressing UEFI-based attacks, and non-endpoint attack vectors. Ransomware: Encryption, Exfiltration, and Extortion. Also Read: Types of Malware | Best Malware Protection Practices for 2021.

Software

Software DNS Firmware VPN

Security Affairs newsletter Round 252

Security Affairs

FEBRUARY 23, 2020

CVE-2019-0604 SharePoint Remote code execution (RCE) vulnerability. Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack. 5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure. Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack.

Artificial Intelligence

Artificial Intelligence eCommerce Firmware Hacking

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges.

Computers and Electronics

Computers and Electronics Authentication Software Risk

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

Vamosi: Wiki space, got bought out and then shut down in January of 2019. And that's probably a security design of what they're, what they might put out there and encryption keys and things like that. And then you have the smart meters and so the software on the smart meters that's just 100% on its firmware. Hash: I don't.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

Cyber Security Informer

HelloKitty ransomware gang targets vulnerable SonicWall devices

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Trending Sources

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Infecting Canon EOS DSLR camera with ransomware over the air

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

FBI warns of increase in PYSA ransomware attacks targeting education

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Three more ransomware attacks hit Water and Wastewater systems in 2021

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

US and UK link new Cyclops Blink malware to Russian state hackers?

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

US dismantled the Russia-linked Cyclops Blink botnet

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

The Biggest Lessons about Vulnerabilities at RSAC 2021

Security Affairs newsletter Round 252

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

The Hacker Mind Podcast: Reverse Engineering Smart Meters

Stay Connected