Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Implement network segmentation. Disable hyperlinks in received emails.

Passwords 66

Passwords Government Firmware Accountability 66

SecureWorld News

DECEMBER 18, 2020

The FBI, CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently revealed that the number of ransomware incidents against K-12 districts increased dramatically at the beginning of fall 2020 classes. Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts.

Ransomware 64

Ransomware Education Backups Malware 64

eSecurity Planet

FEBRUARY 15, 2022

The agencies offered some sound cybersecurity advice for BlackByte that applies pretty generally: Conduct regular backups and store them as air-gapped, password-protected copies offline. Update and patch operating systems, software, and firmware as soon as updates and patches are released.

Ransomware 117

Ransomware Encryption Backups Accountability 117

Malwarebytes

MAY 6, 2022

REvil (aka Sodinokibi) first appeared in May 2020 and has been responsible for numerous high-profile ransomware attacks, including arguably the biggest ransomware attack of all time—a supply-chain attack on Kaseya VSA in July 2021 that is thought to have affected over 1,000 businesses. Ensure routine auditing is conducted for all accounts.

Ransomware 80

Ransomware Encryption Accountability Technology 80

Security Affairs

APRIL 14, 2022

sys “) by triggering the CVE-2020-15368 flaw to execute malicious code in the Windows kernel. Maintain known-good offline backups for faster recovery upon a disruptive attack, and conduct hashing and integrity checks on firmware and controller configuration files to ensure validity of those backups.

Passwords 115

Passwords Architecture Backups Cyber Attacks 115

Security Affairs

MAY 13, 2021

The Darkside ransomware gang first emerged in the threat landscape in August 2020, in recent months the group was very active and targeted organizations worldwide. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. Implement regular data backup procedures .

Ransomware 110

Ransomware Healthcare Phishing Risk 110

Malwarebytes

APRIL 5, 2023

By January 2023, education had claimed over 80 percent of all global malware incidents —a staggering lead that has held since 2020. In fact, 57 percent of all ransomware incidents disclosed to the FBI involved K–12 districts at the start of the 2020/2021 school year, compared to just 28 percent the year prior.

Education 61

Education Ransomware Cybersecurity Risk 61

Malwarebytes

MAY 28, 2021

Two years later, the group moved to using Conti, in May 2020. Below is a list of recommended mitigations from the FBI, which it issued along with an alert on Conti ransomware late last week: Regularly back up data, air gap, and password protect backup copies offline. Avoid reusing passwords for multiple accounts.

Healthcare 103

Healthcare Ransomware Encryption Passwords 103

Malwarebytes

JULY 13, 2022

A ransomware attack in New Jersey’s Somerset County disrupted services and forced employees to shut down computers and create temporary Gmail accounts to ensure the public could still email key departments. Automatic data backups to offsite and/or segmented servers will be key in keeping businesses operational in case of breach.

Ransomware 106

Ransomware Manufacturing Government Computers and Electronics 106

Malwarebytes

JUNE 3, 2022

Conti ransomware and the group that distributes it has been a dangerous, noisy presence in the ransomware ecosystem since 2020. Implement regular backups of all data to be stored as air-gapped, password-protected copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware 99

Ransomware Accountability Technology Firmware 99

SecureWorld News

OCTOBER 29, 2020

October 29, 2020. Patch operating systems, software, and firmware as soon as manufacturers release updates. Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts. Audit logs to ensure new accounts are legitimate. Ryuk attacks on hospitals: 'unprecedented'.

Ransomware 63

Ransomware Healthcare Backups Cybercrime 63

eSecurity Planet

MAY 28, 2021

Prevent Rely solely on offline backups Disallow unnecessary file sharing. From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. While the design of a unified extensible firmware interface (UEFI) overcame BIOS limitations, both components critical to computer operation are an increasing target.

Software 99

Software Firmware DNS VPN 99

McAfee

AUGUST 24, 2021

It is estimated that there are over 200 million IV infusions administered globally each year, and 2020 sales of IV pumps in the US were at $13.5 Lastly, the pump runs its own custom Real Time Operating System (RTOS) and firmware on a M32C microcontroller. The backup archive can then be downloaded for later restore of the settings.

Computers and Electronics 145

Computers and Electronics Authentication Software Risk 145

eSecurity Planet

MAY 19, 2022

However, with TLS-encrypted traffic accounting for most traffic across the internet, it’s far more challenging to examine at scale. For this reason, software and firmware providers often release updates and patches to thwart hackers’ attempts. Inspecting Web Traffic. Promptly Patching Systems.

Firewall 57

Firewall Architecture Software Backups 57

eSecurity Planet

FEBRUARY 16, 2021

With over 600,000 devices, this botnet exposed just how vulnerable IoT devices could be and led to the IoT Cybersecurity Improvement Act of 2020. By obtaining sensitive authentication access, attackers can break into the vendor network or user account. A strain of keylogger malware dubbed LokiBot notably increased in 2020.

Malware 105

Malware Adware Spyware Antivirus 105

ForAllSecure

OCTOBER 29, 2020

Bee: I have to put in 16 letters and digits to get into my FreshDirect account. You want to make sure the devices used are hardened, they don’t have unnecessary outside access, that they are kept up-to-date with their software, firmware, etc. In 2020, we’re stuck in the middle of these two extremes right now.

Hacking 52

Hacking Mobile Software Technology 52

ForAllSecure

OCTOBER 29, 2020

Bee: I have to put in 16 letters and digits to get into my FreshDirect account. You want to make sure the devices used are hardened, they don’t have unnecessary outside access, that they are kept up-to-date with their software, firmware, etc. In 2020, we’re stuck in the middle of these two extremes right now.

Hacking 52

Hacking Mobile Software Technology 52

ForAllSecure

OCTOBER 20, 2020

Bee: I have to put in 16 letters and digits to get into my FreshDirect account. You want to make sure the devices used are hardened, they don’t have unnecessary outside access, that they are kept up-to-date with their software, firmware, etc. In 2020, we’re stuck in the middle of these two extremes right now.

Hacking 40

Hacking Mobile Software Technology 40

SecureList

JULY 28, 2022

In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). We first reported DeathStalker’s VileRAT campaign in August 2020. Final thoughts.

Malware 130

Malware Firmware Phishing Cryptocurrency 130