SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 86

Malware Banking Healthcare Penetration Testing 86

CyberSecurity Insiders

JULY 16, 2021

Therefore, customers using Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products are being urged to disconnect those devices from internet as they are on the verge of getting cyber attacked and injected with file encrypting malware as its 8.x x firmware is going to reach its EOL aka End of Life.

Ransomware 145

Ransomware Firmware Cyber Attacks Firewall 145

Security Affairs

OCTOBER 15, 2021

In all the attacks the ransomware encrypting files on the infected systems and in one of the security incidents threat actors compromised a system used to control the SCADA industrial equipment. RDP accesses); Exploitation of vulnerabilities affecting control systems running vulnerable firmware versions. Pierluigi Paganini.

Ransomware 91

Ransomware Cyber threats Firmware Backups 91

Thales Cloud Protection & Licensing

APRIL 20, 2021

Organizations Need a New NetSec Approach, Reveals Verizon’s 2021 Mobile Security Index. Tue, 04/20/2021 - 11:33. In the MSI 2021, more than half of respondents told Verizon that their organizations allowed employees to access corporate IT assets over public Wi-Fi. Verizon’s MSI 2021, page 72. Verizon’s MSI 2021, page 73.

Mobile 71

Mobile Architecture Data breaches Authentication 71

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” states the vendor.

Ransomware 87

Ransomware Firmware Encryption Engineering 87

SecureList

MAY 10, 2021

Q1 2021 saw the appearance of two new botnets. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. In Q1 2021, cybercriminals also found a host of new tools for amplifying DDoS attacks. News overview.

DDOS 103

DDOS Cryptocurrency Media Marketing 103

SecureList

NOVEMBER 26, 2021

IT threat evolution Q3 2021. IT threat evolution in Q3 2021. IT threat evolution in Q3 2021. While tracking this threat actor in spring 2021, we discovered a newer version. Targeted attacks exploiting CVE-2021-40444. PC statistics. Mobile statistics. Targeted attacks. WildPressure targets macOS.

Malware 92

Malware Banking Energy and Utilities Accountability 92

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. a lack of firmware updates, important for security and performance. Cyber Security Roundup for May 2021. UK Smarties Cities Cybersecurity Warning.

Ransomware 105

Ransomware Passwords Scams Cyber Attacks 105

CyberSecurity Insiders

NOVEMBER 25, 2021

From backdoors- As the Korean giant creates, validates and manufactures its computing devices all on its own, its every piece of hardware, wiring and firmware is securely drafted at its high secure R&D plants & factories in the world. Gift yourself a Samsung device from this Thanksgiving 2021 or Black Friday 2021 deals.

Mobile 132

Mobile Firmware Manufacturing Passwords 132

Security Affairs

AUGUST 10, 2021

The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. The malicious code appends.encrypt extension to filenames of encrypted files. ” reads the report published by Palo Alto Researchers.

Ransomware 125

Ransomware Encryption Firmware Passwords 125

Security Affairs

JANUARY 16, 2022

The threat actors behind the attacks were exploiting an improper authorization vulnerability, tracked as CVE-2021-28799 , that could allow them to log in to a NAS device. “A A ransomware campaign targeting QNAP NAS began the week of April 19th, 2021. Up to date apps and firmware seem not to help either.”

Ransomware 110

Ransomware Encryption Backups Firmware 110

Malwarebytes

JULY 10, 2022

New to [link] : @CISAgov joined partners @FBI & @USTreasury to provide TTPs and IOCs for #Maui ransomware, which North Korean state-sponsored cyber actors have used to target Public Health Sector orgs since May 2021. The FBI started responding to incidents involving Maui in May 2021. Check it out @ [link].

Healthcare 89

Healthcare Ransomware Encryption Firmware 89

Thales Cloud Protection & Licensing

MAY 31, 2021

Tue, 06/01/2021 - 06:55. In our previous blog post , we discussed the challenges for securing IoT deployments, and how businesses and consumers benefit from authenticating and validating IoT software and firmware updates. Requirements also included that the firmware was to be signed by the manufacturer and verified by the pacemaker.

IoT 71

IoT Computers and Electronics Manufacturing Firmware 71

eSecurity Planet

APRIL 5, 2023

Tens of thousands of new security vulnerabilities are discovered each year; the value of CISA’s KEV catalog is that it helps organizations prioritize the software and firmware flaws that threat groups are actively exploiting — and many of those exploited flaws are older ones that users have failed to apply patches for.

Ransomware 126

Ransomware Firmware Cybersecurity Healthcare 126

Malwarebytes

DECEMBER 16, 2021

In 2021’s final Patch Tuesday, Microsoft included a total of 67 fixes for security vulnerabilities. CVE-2021-42310 Microsoft Defender for IoT Remote Code Execution vulnerability. CVE-2021-43905 Microsoft Office app Remote Code Execution vulnerability. CVE-2021-43905 Microsoft Office app Remote Code Execution vulnerability.

Wireless 87

Wireless Passwords Firmware Authentication 87

Malwarebytes

JULY 22, 2021

The vulnerability has been listed as CVE-2021-3438 and it is a potential buffer overflow in the software drivers that can be abused to achieve an escalation of privilege. But once they have access they can use the vulnerability to get permissions to install programs, view, change, or delete data, and encrypt files.

Software 145

Software Firmware Manufacturing Engineering 145

Security Affairs

FEBRUARY 14, 2022

As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors (government facilities, financial, and food & agriculture).” Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware 88

Ransomware Accountability Firmware Antivirus 88

Security Affairs

FEBRUARY 28, 2024

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. Upgrade to the latest firmware version. ” concludes the report.

Energy and Utilities 93

Energy and Utilities Government Firewall Malware 93

Security Affairs

FEBRUARY 15, 2022

NAS devices are privileged targets of cybercriminals, a couple of weeks ago QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. In December 2021, experts also observed ech0raix ransomware attacks targeting QNAP network-attached storage (NAS) devices.

Firmware 79

Firmware Ransomware Encryption Hacking 79

Security Affairs

JANUARY 2, 2022

Y2k22 bug in Microsoft Exchange causes failure in email delivery Security Affairs most-read cyber stories of 2021 PulseTV discloses potential credit card breach The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched How to implant a malware in hidden (..)

Banking 89

Banking Firmware Malware Ransomware 89

SecureWorld News

FEBRUARY 2, 2022

The attacks target a Zero-Day vulnerability that was patched in December 2021 which allows the threat actor to run arbitrary code on vulnerable devices exposed to the internet. DeadBolt ransomware was recently used to target customers of QNAP, a Taiwanese company that produces network attached storage (NAS) devices. January 30, 2022.

Ransomware 84

Ransomware Firmware Encryption Internet 84

Thales Cloud Protection & Licensing

MARCH 10, 2021

Thu, 03/11/2021 - 07:39. The same rings true for encryption and authentication. Asymmetric encryption may require too much processing power for certain devices, making symmetric keys the only option. Over-the-air (OTA) software and firmware updates must be delivered securely and effectively. Guest Blog: TalkingTrust.

IoT 77

IoT Firmware Manufacturing Encryption 77

Malwarebytes

JULY 20, 2022

The FBI started responding to incidents involving Maui in May 2021. According to court documents, in May 2021, North Korean hackers used a ransomware strain called Ransom.Maui to encrypt the files and servers of a medical center in the District of Kansas. Keep operating systems, applications, and firmware up to date.

Ransomware 94

Ransomware Cryptocurrency Healthcare Firmware 94

SecureWorld News

AUGUST 24, 2022

If malware were installed on the device, it could control the LEDs by blinking and changing colors with firmware commands. The infection of a device can be achieved via supply chain attacks, social engineering techniques, or the use of hardware with installed software or firmware. encryption keys, biometric information).

Firmware 81

Firmware Social Engineering Surveillance Malware 81

Security Affairs

APRIL 23, 2021

(QNAP), a leading computing, networking and storage solution innovator, today issued a statement in response to recent user reports and media coverage that two types of ransomware (Qlocker and eCh0raix) are targeting QNAP NAS and encrypting users’ data for ransom. qlocker @QNAP_nas — Jack Cable (@jackhcable) April 22, 2021.

Ransomware 115

Ransomware Backups Media Malware 115

Security Affairs

AUGUST 17, 2022

Researchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. “A potential security vulnerability in some Intel® Processors may allow information disclosure.Intel is releasing firmware updates to address this potential vulnerability.”

Architecture 76

Architecture Firmware Software Information Security 76

Malwarebytes

OCTOBER 28, 2021

According to a flash alert issued by the FBI , unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021, including victims in the construction, academic, government, IT, and transportation sectors. All encrypted files have extension: ranzy - How to restore my files? - Mitigation.

Ransomware 102

Ransomware Backups Encryption Firmware 102

Malwarebytes

JANUARY 28, 2022

QNAP) pushed out an automatic, forced, update with firmware containing the latest security updates to protect against the attackers’ “DeadBolt” ransomware. They also use the same name in the file extension of the encrypted files their ransomware generates. All your files have been encrypted. What happened?

Ransomware 71

Ransomware Firmware Encryption Backups 71

Security Affairs

JUNE 3, 2021

The researchers demonstrated a proof-of-concept (PoC) exploit that sees the attacker masquerading as a legitimate access point, running a modified open-source hostapd , and sending a malicious encrypted group temporal key (GTK) to any client that connects to it via WPA2. ” continues the report. Pierluigi Paganini.

Wireless 85

Wireless IoT Encryption Firmware 85

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware 95

Ransomware DDOS Passwords Backups 95

Security Affairs

MARCH 23, 2021

The types of vulnerabilities affecting the devices are Inadequate Encryption Strength, Session Fixation, Exposure of Sensitive Information to an Unauthorized Actor, Improper Input Validation, Unrestricted Upload of File with Dangerous Type, Insecure Default Variable Initialization, Use of Hard-coded Credentials. ” continues the alert.

Firmware 77

Firmware VPN Firewall Risk 77

SecureWorld News

FEBRUARY 17, 2024

A 2021 Cynerio report revealed a staggering 123% increase in ransomware attacks on healthcare facilities, resulting in more than 500 incidents and costs exceeding $21 billion. Strong encryption Implementing strong encryption protocols for data generated by the device, whether this data is at rest or in transit, is crucial.

Healthcare 98

Healthcare Manufacturing Internet Internet 98

Security Affairs

SEPTEMBER 3, 2021

“Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware 94

Ransomware Passwords Backups Firmware 94

SecureList

JULY 28, 2022

We identified a Windows variant of this sample using the same string encryption algorithm, internal modules, and functionalities. In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019).

Malware 136

Malware Firmware Phishing Cryptocurrency 136

Security Affairs

APRIL 19, 2023

The joint advisory provides detailed info on tactics, techniques, and procedures (TTPs) associated with APT28’s attacks conducted in 2021 that exploited the flaw in Cisco routers. The Russia-linked APT28 conducted the attacks in 2021 and targeted a small number of entities in Europe, U.S. ” reads the joint advisory. through 12.4

Malware 84

Malware Firmware Government Education 84

Security Affairs

APRIL 7, 2021

This ransomware encrypts data from victims with AES-256 + RSA-8192 and then demands a ~ 2 BTC ransom to get the files back. mike [link] pic.twitter.com/fkU2USEZis — Swisscom CSIRT (@swisscom_csirt) January 26, 2021. CRING a new strain deployed by human operated ransomware actors. ” reads the post published by Kaspersky.

VPN 93

VPN Ransomware Antivirus Firmware 93

Malwarebytes

MAY 6, 2022

REvil (aka Sodinokibi) first appeared in May 2020 and has been responsible for numerous high-profile ransomware attacks, including arguably the biggest ransomware attack of all time—a supply-chain attack on Kaseya VSA in July 2021 that is thought to have affected over 1,000 businesses. Ransomware attacks in April 2022.

Ransomware 86

Ransomware Encryption Accountability Technology 86