2020, Backups, Firmware and Information Security

2020

Backups

Firmware

Information Security

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

DECEMBER 17, 2020

According to a private industry notification alert (PIN), sent by the FBI to private organizations, the Bureau is aware of extortion activities that have been happening since February 2020. Patch operating systems, software, firmware, and endpoints. PIN Number 20201210-001. ” states the FBI’s PIN.

Ransomware

Ransomware Backups Firmware Accountability

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

“The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. The company also recommends updating the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest versions.

Ransomware

Ransomware Backups Media Malware

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

In another incident that occurred in March 2021, a ransomware attack blocked the operations at a US beverage company, while in a November 2020 attack on a US-based international food and agriculture business threat actors requested the payment of a gigantic $40 million ransom. Focus on cyber security awareness and training.

Ransomware

Ransomware Passwords Backups Firmware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The gang has been active since at least 2020, threat actors hit organizations from various industries. Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline.

Ransomware

Ransomware Firmware Antivirus Accountability

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Implement network segmentation. Focus on awareness and training.

Passwords

Passwords Government Firmware Accountability

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020. Malwarebytes recorded a 607% increase in agriculture sector attacks in 2020. Focus on cyber security awareness and training.

Ransomware

Ransomware Manufacturing Passwords Internet

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

sys “) by triggering the CVE-2020-15368 flaw to execute malicious code in the Windows kernel. Maintain known-good offline backups for faster recovery upon a disruptive attack, and conduct hashing and integrity checks on firmware and controller configuration files to ensure validity of those backups.

Passwords

Passwords Architecture Backups Cyber Attacks

Three more ransomware attacks hit Water and Wastewater systems in 2021

Security Affairs

OCTOBER 15, 2021

RDP accesses); Exploitation of vulnerabilities affecting control systems running vulnerable firmware versions. The ransomware affected the victim’s SCADA system and backup systems. In March 2021, cyber actors used an unknown ransomware variant against a Nevada-based WWS facility.

Ransomware

Ransomware Cyber threats Firmware Backups

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

The Darkside ransomware gang first emerged in the threat landscape in August 2020, in recent months the group was very active and targeted organizations worldwide. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. Implement regular data backup procedures .

Ransomware

Ransomware Healthcare Phishing Risk

ICS and OT threat predictions for 2024

SecureList

JANUARY 31, 2024

In 2023, ransomware attacks consolidated their hold on the top of the ranking of information security threats to industrial enterprises. However, they can learn to mitigate the impact more effectively (for example, through better securing the most confidential data, and with proper backup and incident response plans).

Ransomware

Ransomware Energy and Utilities Marketing Backups

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Nickels suggests organizations follow this guidance: Also Read: How Zero Trust Security Can Protect Against Ransomware. Prevent Rely solely on offline backups Disallow unnecessary file sharing. From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. Old way New way. Current Target: VBOS.

Software

Software Firmware DNS VPN

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

Two years later, the group moved to using Conti, in May 2020. Below is a list of recommended mitigations from the FBI, which it issued along with an alert on Conti ransomware late last week: Regularly back up data, air gap, and password protect backup copies offline. Focus on cyber security awareness and training.

Healthcare

Healthcare Ransomware Encryption Passwords

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Here are five significant cybersecurity vulnerabilities with IoT in 2020. A hacker managed to identify a weak spot in a security camera model. There are plenty of IoT devices with an auto-update feature, but there is a security issue with the process. Before the device applies the update, it sends a backup to the servers.

IoT

IoT Cybersecurity Manufacturing Internet

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges. Figure 1: B.

Computers and Electronics

Computers and Electronics Authentication Software Risk

Cyber Security Informer

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Webinars

Trending Sources

FBI warns of ransomware attacks targeting the food and agriculture sector

Webinars

Ranzy Locker ransomware hit tens of US companies in 2021

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

FBI warns of ransomware threat to food and agriculture

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Three more ransomware attacks hit Water and Wastewater systems in 2021

US CISA and FBI publish joint alert on DarkSide ransomware

ICS and OT threat predictions for 2024

The Biggest Lessons about Vulnerabilities at RSAC 2021

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

Stay Connected