2020, Antivirus, Firmware and Passwords

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The gang has been active since at least 2020, threat actors hit organizations from various industries. Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline.

Ransomware

Ransomware Firmware Antivirus Accountability

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches. 583% increase in Kerberoasting [password hash cracking] attacks. 64% of managers and higher admit to poor password practices.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Implement the shortest acceptable timeframe for password changes.

Passwords

Passwords Government Firmware Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

How to Get Out of a Scam

CyberSecurity Insiders

NOVEMBER 14, 2021

2020 was a high-water mark for online scams and fraud. million fraud complaints in 2020. They contain a wealth of information like credit card numbers, online passwords, photos, intellectual property, work documents and more. Run a complete antivirus/anti-malware scan and update software. Consumers lost $3.3

Scams

Scams Banking Accountability Passwords

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

ForrmBook is capable of key logging and capturing browser or email client passwords, but its developers continue to update the malware to exploit the latest Common Vulnerabilities and Exposures (CVS), such as CVE-2021-40444 Microsoft MSHTML Remote Code Execution Vulnerability. AZORult's developers are constantly updating its capabilities.

Malware

Malware Banking Healthcare Penetration Testing

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Install an antivirus solution that includes anti-adware capabilities. Organizations can help prevent their computers from becoming part of a botnet by installing anti-malware software, using firewalls , keeping software up-to-date, and forcing users to use strong passwords. How to Defend Against Adware. with no internet.

Malware

Malware Adware Spyware Antivirus

Ransomware’s Number 1 Target? Your Kid’s School

SecureWorld News

DECEMBER 18, 2020

The FBI, CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently revealed that the number of ransomware incidents against K-12 districts increased dramatically at the beginning of fall 2020 classes. Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts.

Ransomware

Ransomware Education Backups Malware

Ransomware: April 2022 review

Malwarebytes

MAY 6, 2022

REvil (aka Sodinokibi) first appeared in May 2020 and has been responsible for numerous high-profile ransomware attacks, including arguably the biggest ransomware attack of all time—a supply-chain attack on Kaseya VSA in July 2021 that is thought to have affected over 1,000 businesses. An old enemy returns.

Ransomware

Ransomware Encryption Accountability Technology

Ransomware: May 2022 review

Malwarebytes

JUNE 3, 2022

Conti ransomware and the group that distributes it has been a dangerous, noisy presence in the ransomware ecosystem since 2020. Implement regular backups of all data to be stored as air-gapped, password-protected copies offline. Install and regularly update antivirus software on all hosts, and enable real-time detection.

Ransomware

Ransomware Accountability Technology Firmware

IT threat evolution Q3 2022

SecureList

NOVEMBER 18, 2022

In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. In late August 2020, we published an overview of DeathStalker and its activities, including the Janicab, Evilnum and PowerSing campaigns.

Malware

Malware Computers and Electronics Adware Cryptocurrency

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

The agencies offered some sound cybersecurity advice for BlackByte that applies pretty generally: Conduct regular backups and store them as air-gapped, password-protected copies offline. Update and patch operating systems, software, and firmware as soon as updates and patches are released.

Ransomware

Ransomware Encryption Backups Accountability

Alert: 'Imminent and Increasing Threat' as Wave of Ryuk Ransomware Hits Hospitals

SecureWorld News

OCTOBER 29, 2020

October 29, 2020. Both frameworks are very robust and are highly effective dual-purpose tools, allowing actors to dump clear text passwords or hash values from memory with the use of Mimikatz. Patch operating systems, software, and firmware as soon as manufacturers release updates. Ryuk attacks on hospitals: 'unprecedented'.

Ransomware

Ransomware Healthcare Backups Cybercrime

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Malwarebytes

APRIL 5, 2023

By January 2023, education had claimed over 80 percent of all global malware incidents —a staggering lead that has held since 2020. In fact, 57 percent of all ransomware incidents disclosed to the FBI involved K–12 districts at the start of the 2020/2021 school year, compared to just 28 percent the year prior.

Education

Education Ransomware Cybersecurity Risk

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

This toolset was in use from as early as July 2020, mainly targeting Southeast Asian entities, including government agencies and telecoms companies. Apart from Trojanized installers, we also observed infections involving use of a UEFI (Unified Extensible Firmware Interface) and MBR (Master Boot Record) bootkit. Gamers beware.

Malware

Malware Banking Energy and Utilities Accountability

APT Attacks & Prevention

eSecurity Planet

MARCH 23, 2022

Chinese APT attackers developed a Unified Extensible Firmware Interface (UEFI) malware that hijacks the booting sequence and is saved in the SPI flash memory of the motherboard beyond where most tools might remove it. Use strong passwords. Maintain effective endpoint security ( antivirus , EDR ). Strong Access Control for Users.

Firewall

Firewall Malware Phishing Software

Cyber Security Informer

Ranzy Locker ransomware hit tens of US companies in 2021

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Webinars

Trending Sources

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Webinars

How to Get Out of a Scam

Top 10 Malware Strains of 2021

Types of Malware & Best Malware Protection Practices

Ransomware’s Number 1 Target? Your Kid’s School

Ransomware: April 2022 review

Ransomware: May 2022 review

IT threat evolution Q3 2022

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Alert: 'Imminent and Increasing Threat' as Wave of Ryuk Ransomware Hits Hospitals

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

IT threat evolution Q3 2021

APT Attacks & Prevention

Stay Connected