2020, Firmware, Information Security and VPN

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall

Firewall VPN Firmware Passwords

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Security Affairs

JANUARY 6, 2021

Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account.

Firmware

Firmware Passwords Accountability VPN

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN

VPN Firewall Firmware Authentication

Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT

Security Affairs

JANUARY 14, 2024

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. ” concludes the analysis.

Firewall

Firewall Firmware Cyber Attacks VPN

Hackers target zero-day flaws in enterprise Draytek network devices

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. On the 6th Feb, we released an updated firmware to address this issue.” ” reads the security bulletin.

Firmware

Firmware VPN Accountability Advertising

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

. “CISA has observed these—and other threat actors with varying degrees of skill—routinely using open-source information to plan and execute cyber operations.” 7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances.

Government

Government VPN Firmware Energy and Utilities

A critical flaw in industrial automation systems opens to remote hack

Security Affairs

NOVEMBER 29, 2020

Tracked as CVE-2020-25159 , the flaw is rated 9.8 ” reads the security advisory published by Claroty. The flaw, tracked as CVE-2020-25159, has received a CVSS score of 9.8 Brizinov reported the stack overflow issue to the US agency CISA that published a security advisory. ” continues the report.

Hacking

Hacking Firmware Internet Internet

AgeLocker ransomware operation targets QNAP NAS devices

Security Affairs

MAY 1, 2021

If you must connect your NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.” Threat actors were exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the vendor in October 2020.

Ransomware

Ransomware Cryptocurrency Malware Internet

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

includes several new flaws, including: Vulnerability Affected software CVE-2017-17105 Zivif PR115-204-P-RS CVE-2019-10655 Grandstream CVE-2020-25223 WebAdmin of Sophos SG UTM CVE-2021-42013 Apache CVE-2022-31137 Roxy-WI CVE-2022-33891 Apache Spark ZSL-2022-5717 MiniDVBLinux. “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

In another incident that occurred in March 2021, a ransomware attack blocked the operations at a US beverage company, while in a November 2020 attack on a US-based international food and agriculture business threat actors requested the payment of a gigantic $40 million ransom. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware Passwords Backups Firmware

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. hard drive, storage device, the cloud).

Passwords

Passwords Government Firmware Accountability

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020. Malwarebytes recorded a 607% increase in agriculture sector attacks in 2020. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware Manufacturing Passwords Internet

Security Affairs newsletter Round 309

Security Affairs

APRIL 11, 2021

Clop Ransomware operators plunder US universities Malware attack on Applus blocked vehicle inspections in some US states 2,5M+ users can check whether their data were exposed in Facebook data leak 33.4%

Cyber Attacks

Cyber Attacks Firmware Malware VPN

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

The Darkside ransomware gang first emerged in the threat landscape in August 2020, in recent months the group was very active and targeted organizations worldwide. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. other than VPN gateways, mail ports, web ports).

Ransomware

Ransomware Healthcare Phishing Risk

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. While the design of a unified extensible firmware interface (UEFI) overcame BIOS limitations, both components critical to computer operation are an increasing target. Current Target: VBOS.

Software

Software Firmware DNS VPN

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

Two years later, the group moved to using Conti, in May 2020. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., Install updates/patch operating systems, software, and firmware as soon as they are released.

Healthcare

Healthcare Ransomware Encryption Passwords

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Here are five significant cybersecurity vulnerabilities with IoT in 2020. A hacker managed to identify a weak spot in a security camera model. It can be prevented through the use of an online VPN. He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy.

IoT

IoT Cybersecurity Manufacturing Internet

Cyber Security Informer

Expert found a secret backdoor in Zyxel firewall and VPN

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Webinars

Trending Sources

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Webinars

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT

Hackers target zero-day flaws in enterprise Draytek network devices

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

A critical flaw in industrial automation systems opens to remote hack

AgeLocker ransomware operation targets QNAP NAS devices

Interview With a Crypto Scam Investment Spammer

A new Zerobot variant spreads by exploiting Apache flaws

FBI warns of ransomware attacks targeting the food and agriculture sector

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

FBI warns of ransomware threat to food and agriculture

Security Affairs newsletter Round 309

US CISA and FBI publish joint alert on DarkSide ransomware

The Biggest Lessons about Vulnerabilities at RSAC 2021

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Stay Connected