2020, Backups, Firmware and Hacking - Cyber Security Informer

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

DECEMBER 17, 2020

According to a private industry notification alert (PIN), sent by the FBI to private organizations, the Bureau is aware of extortion activities that have been happening since February 2020. Patch operating systems, software, firmware, and endpoints. SecurityAffairs – hacking, FBI). PIN Number 20201210-001. Pierluigi Paganini.

Ransomware

Ransomware Backups Firmware Accountability

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

“The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. The company also recommends updating the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest versions.

Ransomware

Ransomware Backups Media Malware

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The gang has been active since at least 2020, threat actors hit organizations from various industries. Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware

Ransomware Firmware Antivirus Accountability

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

In another incident that occurred in March 2021, a ransomware attack blocked the operations at a US beverage company, while in a November 2020 attack on a US-based international food and agriculture business threat actors requested the payment of a gigantic $40 million ransom. SecurityAffairs – hacking, FBI). Pierluigi Paganini.

Ransomware

Ransomware Passwords Backups Firmware

Maze Ransomware operators published data from LG and Xerox

Security Affairs

AUGUST 4, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. One screenshot showed that hosts on “eu.xerox.net,” managed by Xerox Corporation, was hacked. SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Encryption Advertising Firmware

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

According to the advisory that was issued with the help of leading cybersecurity firms (Dragos, Mandiant, Microsoft, Palo Alto Networks, and Schneider Electric), nation-state hacking groups were able to hack multiple industrial systems using a new ICS-focused malware toolkit dubbed PIPEDREAM that was discovered in early 2022.

Passwords

Passwords Architecture Backups Cyber Attacks

Another ransomware payment recovered by the Justice Department

Malwarebytes

JULY 20, 2022

The following investigation confirmed that a medical provider in Colorado had just paid a ransom after being hacked by actors using the same Maui ransomware strain. A part of this ransom was recovered in 2020 from a laundering operation in Ukraine. Keep operating systems, applications, and firmware up to date.

Ransomware

Ransomware Cryptocurrency Healthcare Firmware

Three more ransomware attacks hit Water and Wastewater systems in 2021

Security Affairs

OCTOBER 15, 2021

RDP accesses); Exploitation of vulnerabilities affecting control systems running vulnerable firmware versions. The ransomware affected the victim’s SCADA system and backup systems. SecurityAffairs – hacking, Water and Wastewater systems). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware

Ransomware Cyber threats Firmware Backups

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. SecurityAffairs – hacking, Fortinet FortiOS).

Passwords

Passwords Government Firmware Accountability

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

FormBook FormBook is an information stealer advertised in hacking forums. A 2020 LokiBot variant was disguised as a launcher for the Fortnite multiplayer video game. For the top malware strains, the advisory provides six mitigations: Update software, including operating systems, applications, and firmware, on IT network assets.

Malware

Malware Banking Penetration Testing Healthcare

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

The Darkside ransomware gang first emerged in the threat landscape in August 2020, in recent months the group was very active and targeted organizations worldwide. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. Implement regular data backup procedures .

Ransomware

Ransomware Healthcare Phishing Risk

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Here are five significant cybersecurity vulnerabilities with IoT in 2020. Nobody told them that their coffee machine could be hacked into or that their camera could be used to launch a DDoS attack. Before the device applies the update, it sends a backup to the servers. SecurityAffairs – hacking, IoT). Shadow IoT Devices.

IoT

IoT Cybersecurity Manufacturing Internet

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Listen to EP 08: Hacking Voting Systems. They invited us and other members of the public to try to hack it. It's about challenging our expectations about the people who hack for a living. Apple Podcasts. Google Podcasts. Spotify Podcasts. Amazon Music. TuneIn Podcasts. TheHackerMind.com. Halderman : In 2010, Washington D.C.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Listen to EP 08: Hacking Voting Systems. They invited us and other members of the public to try to hack it. It's about challenging our expectations about the people who hack for a living. Apple Podcasts. Google Podcasts. Spotify Podcasts. Amazon Music. TuneIn Podcasts. TheHackerMind.com. Halderman : In 2010, Washington D.C.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 20, 2020

Listen to EP 08: Hacking Voting Systems. They invited us and other members of the public to try to hack it. It's about challenging our expectations about the people who hack for a living. Apple Podcasts. Google Podcasts. Spotify Podcasts. Amazon Music. TuneIn Podcasts. TheHackerMind.com. Halderman : In 2010, Washington D.C.

Hacking

Hacking Mobile Software Technology

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

Unique Considerations for Infusion Pump Hacking. It is estimated that there are over 200 million IV infusions administered globally each year, and 2020 sales of IV pumps in the US were at $13.5 Lastly, the pump runs its own custom Real Time Operating System (RTOS) and firmware on a M32C microcontroller. Initial Access.

Computers and Electronics

Computers and Electronics Authentication Software Risk

APT Attacks & Prevention

eSecurity Planet

MARCH 23, 2022

Advanced persistent threats come from skilled attackers possessing advanced hacking tools, sophisticated techniques, and possibly large teams. Threat groups have been tolerated in Russia, for example, in exchange for assurances that their hacking activity will be conducted in other countries. What Are APTs?

Firewall

Firewall Malware Phishing Software

Ransomware: May 2022 review

Malwarebytes

JUNE 3, 2022

Conti ransomware and the group that distributes it has been a dangerous, noisy presence in the ransomware ecosystem since 2020. Not long after, a hacking group began using the leaked source code to attack targets inside Russia , violating one of ransomware’s unspoken rules. Known ransomware attacks by group, May 2022.

Ransomware

Ransomware Accountability Technology Firmware

APT trends report Q2 2022

SecureList

JULY 28, 2022

In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). We first reported DeathStalker’s VileRAT campaign in August 2020. Final thoughts.

Malware

Malware Firmware Phishing Cryptocurrency

Cyber Security Informer

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Trending Sources

Ranzy Locker ransomware hit tens of US companies in 2021

FBI warns of ransomware attacks targeting the food and agriculture sector

Maze Ransomware operators published data from LG and Xerox

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Another ransomware payment recovered by the Justice Department

Three more ransomware attacks hit Water and Wastewater systems in 2021

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Top 10 Malware Strains of 2021

US CISA and FBI publish joint alert on DarkSide ransomware

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

APT Attacks & Prevention

Ransomware: May 2022 review

APT trends report Q2 2022

Stay Connected