Security Affairs

APRIL 23, 2021

The malware moves all files stored on the device to password-protected 7zip archives and demand the payment of a $550 ransom. The Taiwanese vendor published a security advisory to warn its customers of the ongoing attacks and is urging them to install the latest Malware Remover version and scan their devices for indicators of compromise.

Ransomware 119

Ransomware Backups Media Malware 119

Security Affairs

SEPTEMBER 8, 2020

Probably the most interesting vulnerability is an undocumented backdoor, tracked as CVE-2020-15835, that can be exploited by attackers to gain root access to a router. “The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password.

Firmware 87

Firmware Wireless Authentication Advertising 87

Security Affairs

DECEMBER 12, 2020

The flaw, tracked as CVE-2020-25191, affects driver versions prior to 20.5. “Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the device remotely.” Update the firmware on CompactRIO controllers to v8.5

Firmware 88

Firmware Manufacturing Software Authentication 88

SecureList

JUNE 8, 2022

During 2020 and 2021, more than 500 router vulnerabilities were found. The nvd.nist.gov website presents different figures, but they too show a significant increase in the number of router vulnerabilities found in 2020 and 2021. Router-targeting malware. Mirai is not the only DDoS malware to target routers. Verdict. %*.

DDOS 104

DDOS Passwords IoT Firmware 104

Security Affairs

APRIL 25, 2021

Researchers from Eye Security have found thousands of unpatched ABUS Secvest home alarm systems exposed online despite the vendor has addressed a critical bug (CVE-2020-28973) in January. “The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface.

Firmware 111

Firmware Passwords Authentication Wireless 111

Security Affairs

DECEMBER 17, 2020

According to a private industry notification alert (PIN), sent by the FBI to private organizations, the Bureau is aware of extortion activities that have been happening since February 2020. Patch operating systems, software, firmware, and endpoints. PIN Number 20201210-001.

Ransomware 138

Ransomware Backups Firmware Accountability 138

Security Affairs

JULY 1, 2020

Four of flaws have been rated high severity , they can be exploited by an unauthenticated attacker with network access to the vulnerable Netgear device to execute arbitrary code with admin or root privileges, and to bypass authentication. ZDI reported the flaws to the vendor in November 2019, January and February 2020.

Authentication 130

Authentication Firmware Hacking Mobile 130

eSecurity Planet

APRIL 28, 2022

The table below shows the top 15 vulnerabilities observed by the US, Australian, Canadian, New Zealand, and UK cybersecurity authorities, linked to National Vulnerability Database entries and associated malware. CVE-2020-1472. CVE-2020-0688. CVE-2020-2509. Vulnerability. Vendor and Product. CVE-2021-44228. Apache Log4j.

Cybersecurity 113

Cybersecurity Software Firmware Internet 113

Security Affairs

MAY 19, 2020

Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. Experts note that the exploit is only effective for authenticated sessions and the affected devices are End of Life (EOL) from 2012.

IoT 107

IoT DDOS Authentication Advertising 107

Malwarebytes

SEPTEMBER 3, 2021

Rise in malware. As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020. Malwarebytes recorded a 607% increase in agriculture sector attacks in 2020. Critical infrastructure.

Ransomware 136

Ransomware Manufacturing Passwords Internet 136

Security Affairs

OCTOBER 26, 2021

The gang has been active since at least 2020, threat actors hit organizations from various industries. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use double authentication when logging into accounts or services. Disable hyperlinks in received emails.

Ransomware 128

Ransomware Firmware Antivirus Accountability 128

Security Affairs

JANUARY 22, 2021

Realmode Labs reported the flaws to Amazon on October 17 and the company released security updates to address them on December 10, 2020. The experts discovered that Amazon did not verify the authenticity of the email sender, this means that attackers can spoof an email address that is present in the list of approved addresses.

Hacking 135

Hacking Authentication Firmware Phishing 135

Security Affairs

APRIL 2, 2021

The vulnerabilities affect QNAP TS-231 SOHO NAS devices running firmware version 4.3.6.1446 that reached end of life (EOL). “During the inspection, we fuzzed the web server with customized HTTP requests to different cgi pages, with focus on those that do not require prior authentication. ” continues the advisory.

Firmware 73

Firmware Internet Internet Authentication 73

Security Affairs

SEPTEMBER 3, 2021

In another incident that occurred in March 2021, a ransomware attack blocked the operations at a US beverage company, while in a November 2020 attack on a US-based international food and agriculture business threat actors requested the payment of a gigantic $40 million ransom. hard drive, storage device, the cloud).

Ransomware 98

Ransomware Passwords Backups Firmware 98

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Use multifactor authentication where possible.

Passwords 66

Passwords Government Firmware Accountability 66

Security Affairs

MAY 13, 2021

The Darkside ransomware gang first emerged in the threat landscape in August 2020, in recent months the group was very active and targeted organizations worldwide. Require multi-factor authentication for remote access to OT and IT networks. 3 ],[ 4 ]” reads the joint alert.

Ransomware 109

Ransomware Healthcare Phishing Risk 109

Security Affairs

APRIL 14, 2022

According to the advisory that was issued with the help of leading cybersecurity firms (Dragos, Mandiant, Microsoft, Palo Alto Networks, and Schneider Electric), nation-state hacking groups were able to hack multiple industrial systems using a new ICS-focused malware toolkit dubbed PIPEDREAM that was discovered in early 2022.

Passwords 115

Passwords Architecture Backups Cyber Attacks 115

SecureList

JULY 19, 2023

The connection to the remote SMB server sends the user’s Net-NTLMv2 hash in a negotiation message, which the threat actor can use to either: Relay for authentication against other systems that support NTLMv2 authentication. Perform offline cracking to extract the password.

Firmware 92

Firmware Internet Internet Government 92

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

There are three major threat vectors that harm IoT deployments: Devices are hijacked by malicious software; Data collected and processed in IoT ecosystems is tampered with and impacts the confidentiality, integrity and availability of the information; and, Weak user and device authentication. The truth, however, is far from that.

IoT 96

IoT Manufacturing Energy and Utilities Data collection 96

Security Affairs

FEBRUARY 25, 2020

Zyxel has released security patches to address a critical remote code execution vulnerability, tracked as CVE-2020-9054, that affects several NAS devices. “ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. ” reads the advisory published by CERT/CC. and earlier.

Authentication 70

Authentication Advertising Firmware Internet 70

SecureWorld News

DECEMBER 18, 2020

The FBI, CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently revealed that the number of ransomware incidents against K-12 districts increased dramatically at the beginning of fall 2020 classes. Specific ransomware and malware strains affecting schools. Use multi-factor authentication where possible.

Ransomware 63

Ransomware Education Backups Malware 63

eSecurity Planet

NOVEMBER 1, 2021

percent over the same period in 2020, with 313.2 New vulnerabilities are created every day by cybercriminals, leading to many IoT devices being installed with out-of-date firmware and other exploitable vulnerabilities.”. Further reading: Mobile Malware: Threats and Solutions. IoT market growth. million devices being shipped.

Wireless 109

Wireless IoT Manufacturing Mobile 109

CyberSecurity Insiders

NOVEMBER 14, 2021

2020 was a high-water mark for online scams and fraud. million fraud complaints in 2020. Run a complete antivirus/anti-malware scan and update software. Here are some steps to take if you’ve been hacked: Update all of your device firmware and software. The Federal Trade Commission (FTC) received 2.1 Consumers lost $3.3

Scams 92

Scams Banking Accountability Passwords 92

Malwarebytes

OCTOBER 28, 2021

Ranzy Locker ransomware emerged in late 2020, when the variant began to target victims in the United States. Install and regularly update anti-malware software on all hosts and enable real-time detection. Install security updates for software, operating systems, and firmware as soon as they are released.

Ransomware 99

Ransomware Backups Encryption Firmware 99

Malwarebytes

SEPTEMBER 7, 2022

Malwarebytes has been tracking the group since December 2020. Authentication. Require all accounts with password logins to meet the required standards for developing and managing password policies: Require multifactor authentication wherever you can—particularly for webmail, VPNs, and critical systems. Vice Society.

Education 88

Education Ransomware Backups Passwords 88

SecureList

SEPTEMBER 21, 2023

The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since. A successful password cracking enables hackers to execute arbitrary commands on a device and inject malware. Botnet based on Medusa, working since 2020. Our advantages: 1. Tested, tried.

IoT 101

IoT DDOS Passwords Malware 101

Security Affairs

OCTOBER 13, 2020

Here are five significant cybersecurity vulnerabilities with IoT in 2020. This type of malware attack is called a botnet attack. It’s powered by hundreds of bots carrying malware and infecting thousands of IoT devices simultaneously. Malware, phishing, and web. The Threat is Definitely Real. Shadow IoT Devices.

IoT 132

IoT Cybersecurity Manufacturing Internet 132

Malwarebytes

MAY 6, 2022

REvil (aka Sodinokibi) first appeared in May 2020 and has been responsible for numerous high-profile ransomware attacks, including arguably the biggest ransomware attack of all time—a supply-chain attack on Kaseya VSA in July 2021 that is thought to have affected over 1,000 businesses. An old enemy returns.

Ransomware 85

Ransomware Encryption Accountability Technology 85

Security Affairs

FEBRUARY 3, 2020

“Once the vulnerability is exploited successfully on the target, the following shell commands will be executed on the target system: The above shell commands are used to download the malware and execute it on the exploited systems.” link] #threatintel — Bad Packets Report (@bad_packets) January 10, 2020. 06 and older.

DDOS 79

DDOS Hacking Internet Internet 79

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware 105

Malware Adware Spyware Antivirus 105

SiteLock

AUGUST 27, 2021

In the three years since those first IoT botnet attacks, threats to IoT security have increased to include crypto-jacking , denial of service (DDoS) attacks, and various other types of malware and online malfeasance. Most manufacturers of IoT enabled devices update their firmware frequently. Update, Update, Update. The Bottom Line.

IoT 98

IoT Spyware VPN Passwords 98

Malwarebytes

APRIL 5, 2023

By January 2023, education had claimed over 80 percent of all global malware incidents —a staggering lead that has held since 2020. In fact, 57 percent of all ransomware incidents disclosed to the FBI involved K–12 districts at the start of the 2020/2021 school year, compared to just 28 percent the year prior.

Education 63

Education Ransomware Cybersecurity Risk 63

Malwarebytes

MAY 28, 2021

Two years later, the group moved to using Conti, in May 2020. Install updates/patch operating systems, software, and firmware as soon as they are released. Use multi-factor authentication where possible. Install and regularly update anti-virus/anti-malware software on all hosts. hard drive, storage device, the cloud).

Healthcare 106

Healthcare Ransomware Encryption Passwords 106

SecureList

NOVEMBER 18, 2022

In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. Rootkits are malware implants that are installed deep in the operating system. Andariel deploys DTrack and Maui ransomware.

Malware 111

Malware Computers and Electronics Adware Cryptocurrency 111

Centraleyes

JUNE 11, 2024

Additionally, ensure that updates are authentic and delivered over secure channels to maintain the integrity of software installations. Maintain a list of trusted certificates to validate the authenticity of executable files and scripts. Time is of the essence when it comes to patch management.

Risk 52

Risk Cyber Insurance Insurance Authentication 52

Security Affairs

MARCH 21, 2020

A new variant of the infamous Mirai malware, tracked as Mukashi, targets Zyxel network-attached storage (NAS) devices exploiting recently patched CVE-2020-9054 issue. According to Palo Alto researchers, threat actors exploited the recently patched CVE-2020-9054 vulnerability in Zyxel NAS. The vendor advisory is also available.

DDOS 103

DDOS Authentication Advertising Firmware 103

eSecurity Planet

MAY 28, 2021

The truth is that solutions like single sign-on (SSO) and multi-factor authentication (MFA) can spell disaster if initial access is all a malicious actor needs to traverse the network’s resources. Malware detection has long been a game of signature detection. Ransomware: Encryption, Exfiltration, and Extortion.

Software 119

Software DNS Firmware VPN 119