2019, Firmware, Information Security and VPN

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

. “Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Firmware

Firmware Ransomware Passwords Mobile

Hackers target zero-day flaws in enterprise Draytek network devices

Security Affairs

MARCH 28, 2020

Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-days exploits to take over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks. The attacker is snooping on port 21,25,143,110 (1/2) — 360 Netlab (@360Netlab) December 25, 2019. #0-day

Firmware

Firmware VPN Accountability Advertising

HelloKitty ransomware gang targets vulnerable SonicWall devices

Security Affairs

JULY 18, 2021

“Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Ransomware

Ransomware Firmware Mobile InfoSec

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances. CVE-2019-19781 enabled the actors to execute directory traversal attacks.[ CVE-2019-19781 enabled the actors to execute directory traversal attacks.[

Government

Government VPN Firmware Energy and Utilities

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

includes several new flaws, including: Vulnerability Affected software CVE-2017-17105 Zivif PR115-204-P-RS CVE-2019-10655 Grandstream CVE-2020-25223 WebAdmin of Sophos SG UTM CVE-2021-42013 Apache CVE-2022-31137 Roxy-WI CVE-2022-33891 Apache Spark ZSL-2022-5717 MiniDVBLinux. “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

PYSA, also known as Mespinoza, was first spotted in the wild in October 2019 where it was initially used against large corporate networks. To prevent attacks: Install security updates for operating systems, software, and firmware as soon as they are released. Only use secure networks and avoid using public Wi-Fi networks.

Education

Education Ransomware Phishing Passwords

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. hard drive, storage device, the cloud).

Passwords

Passwords Government Firmware Accountability

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

Security Affairs

JANUARY 3, 2020

The security duo published on Medium the technical details of the vulnerabilities in two posts along with PoC videos for their exploitation. One of the flaws is a remote command execution flaw , tracked as CVE-2019-17621, that resides in the code used to manage UPnP requests. ” reads the post published by the experts. .”

Advertising

Advertising Firmware VPN Authentication

Kali Linux 2024.1 Release (Micro Mirror)

Kali Linux

FEBRUARY 27, 2024

We are lucky to benefit from a very generous sponsorship from Cloudflare since 2019. Now, users can effortlessly copy their VPN IP address to the clipboard with just a click , simplifying the workflow and enhancing productivity for our users. And we want to praise them for their work (we like to give credit where due!)

Software

Software Firmware VPN Internet

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The most severe vulnerability, tracked as CVE-2019-7670, is an OS command injection flaw. Another issue, tracked as CVE-2019-7669, is an improper validation of file extensions when uploading files that was rated as CVSS score of 9.1. Another critical issue, tracked as CVE-2019-7672, received a CVSS score of 8.8.

Backups

Backups Authentication Advertising Firmware

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

The first is Ransom.Sodinokibi , which Malwarebytes has already profiled and has been detecting since 2019.). Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., Consider installing and using a VPN.

Healthcare

Healthcare Ransomware Encryption Passwords

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

Such bona fides led to the inaugural private “by invitation” Global Cyber Innovation Summit (GCIS) in Baltimore in May 2019. Maryland was one of the very first states to recognize the importance of information security, not only as a critical issue for the nation, but also as a strategic industry for the state,” said Governor Larry Hogan.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. While the design of a unified extensible firmware interface (UEFI) overcame BIOS limitations, both components critical to computer operation are an increasing target. Current Target: VBOS. Also Read: How to Prevent DNS Attacks.

Software

Software Firmware DNS VPN

Security Affairs newsletter Round 252

Security Affairs

FEBRUARY 23, 2020

Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks. CVE-2019-0604 SharePoint Remote code execution (RCE) vulnerability. Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack. 5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure.

Artificial Intelligence

Artificial Intelligence eCommerce Firmware Hacking

Cyber Security Informer

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Trending Sources

Hackers target zero-day flaws in enterprise Draytek network devices

HelloKitty ransomware gang targets vulnerable SonicWall devices

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

A new Zerobot variant spreads by exploiting Apache flaws

FBI warns of increase in PYSA ransomware attacks targeting education

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

Kali Linux 2024.1 Release (Micro Mirror)

CISA warns of critical flaws in Prima FlexAir access control system

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Biggest Lessons about Vulnerabilities at RSAC 2021

Security Affairs newsletter Round 252

Stay Connected