Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware 144

Ransomware Encryption VPN Backups 144

Security Affairs

OCTOBER 25, 2021

The device was compromised two times, in July 2020 and June 2021. “While we attribute the 2020 and 2021 infections to NSO Group’s Pegasus spyware with high confidence, we are not conclusively attributing this activity to a specific NSO Group customer at this time. . ” reported Citizen Lab. ” reported Citizen Lab.

Spyware 95

Spyware Hacking Backups Accountability 95

Security Affairs

SEPTEMBER 3, 2021

In another incident that occurred in March 2021, a ransomware attack blocked the operations at a US beverage company, while in a November 2020 attack on a US-based international food and agriculture business threat actors requested the payment of a gigantic $40 million ransom. Focus on cyber security awareness and training.

Ransomware 91

Ransomware Passwords Backups Firmware 91

Daniel Miessler

SEPTEMBER 29, 2020

DanielMiessler) September 19, 2020. SafetyDetectives reports the average cost of a ransomware-caused downtime incident has risen from $46,800 in 2018, to $141,000 in 2019, to $283,800 in 2020. A ransomware attack against the New Orleans city government in early 2020 cost the city over $7 million dollars.

Ransomware 246

Ransomware Government Social Engineering Small Business 246

Security Affairs

APRIL 23, 2021

“The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. The company also recommends updating the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest versions.

Ransomware 112

Ransomware Backups Media Malware 112

Security Affairs

AUGUST 30, 2022

A team of researchers from the Georgia Institute of Technology has analyzed the backups of more than 400,000 unique web servers and discovered 47,337 malicious plugins installed on 24,931 unique WordPress websites. “YODA uncovered 47,337 malicious plugins on 24,931 unique websites.

Backups 131

Backups Malware Technology Hacking 131

Security Affairs

OCTOBER 15, 2020

A series of messages published on Barnes & Noble’s Nook social media accounts state that it had suffered a system failure and is working to restore operations by restoring their server backups. 1/2 — NOOK (@nookBN) October 14, 2020. (2/2) — NOOK (@nookBN) October 14, 2020. Thank you for your patience.

Cyber Attacks 105

Cyber Attacks VPN Backups Ransomware 105

Webroot

FEBRUARY 10, 2022

Schools, local governments and hospitals are some of the most commonly targeted types of institutions, accounting for some 2,400 breaches in 2020, according to the Ransomware Task Force’s (RTF) 2021 report. According to the RTF, “In 2020, two-thirds of the ransomware attacks…were perpetrated by cyber criminals using a RaaS model.”

Ransomware 106

Ransomware Small Business Backups Threat Reports 106

Security Affairs

DECEMBER 7, 2021

“In the summer of 2020, Google determined that Glupteba malware was being disseminated on numerous third-party software download sites, online movie streaming sites, and video downloader sites, often advertised as “free downloads.” We believe this action will have a significant impact on Glupteba’s operations.

Backups 104

Backups Advertising Accountability Malware 104

Security Affairs

MARCH 4, 2021

Group-IB published a report titled “Ransomware Uncovered 2020-2021 ”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB , a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021 ”. The gold rush of 2020.

Ransomware 115

Ransomware Cybercrime Malware Marketing 115

Security Affairs

JANUARY 25, 2021

The researcher Rajshekhar Rajaharia analyzed the leaked data, it is a MongoDB database of 6GB that contains three backup files with BuyUcoin data. BuyUcoin has yet to confirm the security incident, it only announced the launch of an investigation. Trading in #cryptocurrency ? Lakh Users data including me leaked From @buyucoin.

Cryptocurrency 127

Cryptocurrency Hacking InfoSec Data breaches 127

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking 345

Hacking Ransomware Banking Accountability 345

Security Affairs

JUNE 24, 2021

ChaChi has been first observed in the wild in the first half of 2020, but cybersecurity experts underestimated it. “These actors are utilizing advanced knowledge of enterprise networking and security misconfigurations to achieve lateral movement and gain access to the victim’s environments.” ” . . ” .

Ransomware 113

Ransomware Education DNS Backups 113

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Implement network segmentation. Focus on awareness and training.

Passwords 63

Passwords Government Firmware Accountability 63

SiteLock

AUGUST 27, 2021

That’s why your small business should make database security a top priority in 2020. This database security assessment checklist can be your go-to list for ensuring your data stays protected: 1. In order to create an encrypted layer between your server and visitors’ browsers, we recommend employing a Secure Sockets Layer.

Backups 98

Backups Encryption Firewall Small Business 98

Schneier on Security

JUNE 8, 2021

And militaries need to have well-developed backup plans, for when systems are subverted. To help combat siloed military thinking, include some civilians as well. Allow their ideas into the room when predicting potential enemy action.

Software 361

Software Cybersecurity Backups Manufacturing 361

Security Affairs

OCTOBER 8, 2020

The data leak was first reported on May 30, 2020, the data have been posted online by the collective KelvinSecTeam. It has more than than 200 employees with around $250 million in revenue. The data leak is the result of a misconfigured server containing 60 directories with approximately 5,000 files each.

Advertising 114

Advertising Insurance Backups Media 114

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 316

Cybercrime VPN Malware Penetration Testing 316

Security Affairs

AUGUST 9, 2021

in Australia since 2020. Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries.

Ransomware 109

Ransomware Retail Manufacturing Encryption 109

Security Affairs

OCTOBER 26, 2021

The gang has been active since at least 2020, threat actors hit organizations from various industries. Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline.

Ransomware 122

Ransomware Firmware Antivirus Accountability 122

Security Affairs

MAY 15, 2022

— Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022. The botnet has been active since at least the end of 2020, but its activity was documented in April 2021 by multiple security researchers. The new variant, which we call Sysrv-K, sports additional exploits and can gain control of web servers.

Security Intelligence 78

Security Intelligence Malware Architecture Backups 78

Malwarebytes

SEPTEMBER 3, 2021

As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020. Malwarebytes recorded a 607% increase in agriculture sector attacks in 2020. Focus on cyber security awareness and training.

Ransomware 138

Ransomware Manufacturing Passwords Internet 138

Security Affairs

JUNE 8, 2022

Perform regular data backup procedures and maintain up-to-date incident response and recovery procedures. Implement strict password requirements, enforcing password complexity, changing passwords at a defined frequency, and performing regular account reviews to ensure compliance [ D3-SPP ].

Telecommunications 92

Telecommunications Authentication Passwords Accountability 92

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. In early 2020, several cybercriminals groups followed suit. About the essayist.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

SecureWorld News

NOVEMBER 4, 2020

Securities and Exchange Commission (SEC), and it gave a glimpse into a ransomware attack which hit the company earlier in the year. The company's SEC filing revealed the ransomware attack was detected on July 28, 2020. Was it from backups or perhaps paying a ransom? What we know about the Mattel ransomware attack.

Ransomware 58

Ransomware Cyber Risk Risk Retail 58

Security Affairs

APRIL 9, 2020

“As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data. The attack on Travelex demonstrates the importance of the prompt notification of a security breach.

Ransomware 112

Ransomware Encryption Advertising Backups 112

Security Affairs

JANUARY 16, 2020

WP Time Capsule is a backup tool with around 20,000 installs, to bypass the authentication the attackers need to send a POST request containing in the body a certain string. Below the timeline for both vulnerabilities: 07-01-2020 – Reported the vulnerabilities to the developer of both plugins. are affected by the vulnerability.

Passwords 64

Passwords Advertising Authentication Backups 64

Security Affairs

NOVEMBER 24, 2020

The version number of the sample spotted by BitDefender in early November is 2000016 (the latest version before the takedown was 1000513), The analysis of the C2 infrastructure revealed that botnet operators are using Mikrotik routers as command and control servers and implement a backup mechanism for the C2 through an EmerDNS domain.

Malware 78

Malware Backups Ransomware Hacking 78

Security Affairs

AUGUST 27, 2021

In order to facilitate file encryption, the ransomware look for processes associated with backups, anti-virus/anti-spyware, and file copying and terminates them. The post The FBI issued a flash alert for Hive ransomware operations appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 95

Ransomware Encryption Spyware Backups 95

Security Affairs

JULY 13, 2023

According to Zimbra users, the vulnerability is actively exploited since early September 2020. Rapid7 has published technical details for the RCE issue, including a proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding CVE-2022-41352 on AttackerKB.

Hacking 82

Hacking Backups Cyber threats Authentication 82

SC Magazine

MARCH 15, 2021

Information security leaders at these two districts shared their war stories last week at the K-12 Cybersecurity Leadership Symposium, hosted by the K12 Security Information Exchange (K12 SIX) – the first-ever ISAC specifically created with local school districts in mind. Rockingham County, North Carolina.

Malware 78

Malware Backups Education Ransomware 78

Security Affairs

MARCH 16, 2020

In the meantime, if you have any further questions please drop us a direct message, call us on 01329 750 630, or visit our FAQs webpage [link] — Aerial Direct (@Aerial_Direct) March 13, 2020.

Data breaches 104

Data breaches Telecommunications Passwords Advertising 104

McAfee

JANUARY 7, 2021

For those who are not familiar with it, the ISO 27701 is the industry leading certification for information security & privacy management. 1] Schellman, December 2020. And reaching the ISO 27701 enshrines all of these values. Compliance with legal and regulatory requirements, etc.

Data privacy 71

Data privacy Backups Risk Media 71

Security Affairs

FEBRUARY 14, 2021

Cybercriminal behind the most prominent carding marketplace on the dark web Joker’s Stash retires, he will shut down its servers and destroy the backups. ” In October 2020, Joker’s admin revealed that he had been in the hospital for a week due to a Covid-19 infection. ” reads the article published by Forbes.

Cybercrime 91

Cybercrime Backups Hacking DNS 91

Security Affairs

APRIL 22, 2020

pic.twitter.com/vJ1qXBPTAO — Under the Breach (@underthebreach) April 21, 2020. The gang also claims to have erased the City’s local backups and to have stolen over 200 GB of files. The group posted files from the breach as proof.

Ransomware 98

Ransomware Advertising Backups Data breaches 98

Security Affairs

NOVEMBER 9, 2020

“On October 21, 2020, at approximately 11 am EST, X-Cart in cooperation with our infrastructure provider identified that some of our servers were down due to a ransomware attack. ” According to Cohen, the company did not pay the ransom and recoverd its files from backups. All customer websites have since been restored.

Ransomware 127

Ransomware Software Backups Marketing 127

Security Affairs

AUGUST 15, 2020

The threat actors also published screenshots of database backup entries as recent as July 2020. As a proof of the hack, Sodinokibi ransomware operators posted on their leak site multiple screenshots showing directories and files allegedly belonging to the company, and internal conversations between some employees.

Ransomware 109

Ransomware Advertising Encryption Hacking 109