Security Affairs

AUGUST 29, 2021

Taiwan vendor Synology announced that recently disclosed vulnerabilities (CVE-2021-3711 and CVE-2021-3712) in the OpenSSL impact some of its products. Moderate Ongoing VPN Plus Server Important Ongoing VPN Server Moderate Ongoing. Moderate Ongoing VPN Plus Server Important Ongoing VPN Server Moderate Ongoing.

VPN 121

VPN Encryption Authentication Hacking 121

Security Affairs

MARCH 24, 2021

Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents. pic.twitter.com/POYlPYGjsz — MalwareTech (@MalwareTechBlog) March 21, 2021. It does indeed encrypt files.

Ransomware 140

Ransomware Encryption VPN Malware 140

Security Affairs

JUNE 30, 2022

The agency released an executable along with a user manual that provides step-by-step instructions to recover encrypted data for free. According to a report published by blockchain analytics company Chainalysis, the Hive ransomware is one of the top 10 ransomware strains by revenue in 2021.

Ransomware 108

Ransomware Cybersecurity Encryption VPN 108

Security Affairs

SEPTEMBER 1, 2021

.” The two vulnerabilities are CVE-2021-3711 and CVE-2021-3712 , they are respectively a remote code execution (RCE) and denial-of-service (DoS). The CVE-2021-3711 is a high-severity buffer overflow flaw that could allow an attacker to change an application’s behavior or cause the app to crash. Important Ongoing DSM 6.2

VPN 85

VPN Encryption Hacking Internet 85

Krebs on Security

JULY 25, 2023

In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021. com, sscompany[.]net,

Malware 203

Malware VPN Internet Internet 203

Security Affairs

DECEMBER 12, 2023

Our researchers believe that the leaked database was likely a production database used for development purposes, as it included customer data, logs, drivers’ personal identifiable information (PII), registration and bank details, as well as passenger order details. The data covered a period from 2018 to 2021.

VPN 120

VPN Accountability Banking Marketing 120

Security Affairs

JANUARY 12, 2022

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. 2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91 154.167.91

Malware 132

Malware Manufacturing Cryptocurrency Cybercrime 132

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 93

Spyware Data breaches VPN Hacking 93

Security Affairs

OCTOBER 25, 2022

Stolen data include contracts, financial and business documents, engineering projects, and employees’ personally identifiable information (PII), including Aadhar card numbers. According to a report published by blockchain analytics company Chainalysis, the Hive ransomware is one of the top 10 ransomware strains by revenue in 2021.

Ransomware 88

Ransomware Data breaches Cyber Attacks Engineering 88

Security Affairs

AUGUST 29, 2023

Citrix reported that successful exploitation requires that the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server. The attackers obtained encrypted passwords from NetScaler ADC configuration files, and the decryption key was stored on the ADC appliance. php) on victim machines.

VPN 104

VPN Ransomware DNS Malware 104

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN.

Ransomware 98

Ransomware DDOS Passwords Backups 98

Security Affairs

FEBRUARY 26, 2022

Unit 42 attributes the malware to an APT campaign codenamed TiltedTemple (aka DEV-0322 ), threat actors also exploited the Zoho ManageEngine ADSelfService Plus vulnerability ( CVE-2021-40539 ) and ServiceDesk Plus vulnerability ( CVE-2021-44077 ). based defense contractor’s internet-facing Windows server on July 27, 2021.

Backups 91

Backups VPN Healthcare Malware 91

Security Affairs

SEPTEMBER 3, 2021

“Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Only use secure networks and avoid using public Wi-Fi networks. ” reads the FBI’s PIN.

Ransomware 97

Ransomware Passwords Backups Firmware 97

Security Affairs

JULY 9, 2021

BleepingComputer reported that attackers infected over 15,000 devices in March, the ransomware gang encrypted the computers of remote workers who were logged into the company’s VPN during the incident. During this time period, the threat actor copied a limited amount information before deploying the ransomware.

Data breaches 142

Data breaches Insurance Ransomware Identity Theft 142

Security Affairs

JANUARY 14, 2022

The gang was also providing VPN-like services used by other cybercriminal organizations to carry out malicious activities used to deliver malware to the target organization. Source SSU. The law enforcement arrested the leader of the group, a 36-year-old man that lives in Kyiv, along with his wife and three other acquaintances.

Ransomware 114

Ransomware DDOS Telecommunications Malware 114

Security Affairs

FEBRUARY 7, 2021

Hackers abuse Plex Media servers for DDoS amplification attacks TeamTNT group uses Hildegard Malware to target Kubernetes Systems Experts found critical flaws in Realtek Wi-Fi Module Packaging giant WestRock is still working to resume after recent Ransomware Attack Watch out!

DDOS 66

DDOS Firewall Ransomware Encryption 66

Security Affairs

SEPTEMBER 7, 2021

A police report revealed that the popular encrypted email service provider ProtonMail shared the IP address of a French activist with the authorities. The police used this information to identify and arrest a France activist who was using the popular service. pic.twitter.com/xIglWqLcfk — MuArF (@MuArF) September 2, 2021.

Encryption 80

Encryption Accountability VPN Hacking 80

Malwarebytes

MARCH 17, 2021

PYSA, aka Mespinoza, is a malware capable of exfiltrating data and encrypting users’ critical files and data stored on their systems. link] pic.twitter.com/NOPAcEFxM8 — FBI Buffalo (@FBIBuffalo) March 16, 2021. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN.

Education 107

Education Ransomware Phishing Passwords 107

Security Affairs

SEPTEMBER 10, 2020

At the time of the attack, the ransomware operators published images of the data they claim to have stolen before encrypting the systems at the company. After months of silence, SeaChange finally confirmed the ransomware attack, the company filed a 10-Q quarterly report with the US Securities and Exchange Commission (SEC).

Ransomware 66

Ransomware VPN Banking Data breaches 66

Malwarebytes

MAY 28, 2021

According to Coveware, a company that offers incident response services to organizations impacted by ransomware attacks, Conti is the second most common ransomware family that victim organizations have reported in the first quarter of 2021. Earlier versions appended the.CONTI extension to encrypted files.

Healthcare 105

Healthcare Ransomware Encryption Passwords 105

SC Magazine

JUNE 24, 2021

Metropolitan Police Department attack in April, has shifted its strategy from data encryption to data theft. Today’s columnist, Jane Adams of Secureworks, offers insights on what these changing strategies mean to security teams. It claimed to have accessed the police system using a zero-day vulnerability in a VPN.

Ransomware 73

Ransomware Encryption VPN Software 73

Security Affairs

MARCH 23, 2021

The flaws could be exploited to access sensitive information, reboot the device, trigger a denial-of-service condition, and gain privileged access. “Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition.”

Firmware 78

Firmware VPN Firewall Risk 78

Security Affairs

NOVEMBER 14, 2021

If you want to also receive for free the newsletter with the international press subscribe here.

Spyware 53

Spyware Data breaches Ransomware Retail 53

Security Affairs

APRIL 2, 2021

In March 2021, government experts observed state sponsored hackers scanning the internet for servers vulnerable to the above flaws, the attackers were probing systems on ports 4443, 8443, and 10443. Provide users with training on information security principles and techniques, particularly on recognizing and avoiding phishing emails.

Passwords 66

Passwords Government Firmware Accountability 66

SecureList

DECEMBER 12, 2023

In 2021, the personal information of over 700 million LinkedIn users and 533 million Facebook users was scraped and posted on the dark web. In the case of leakage, there is no time to regret your unrealized security controls or not conducted information security training. And what you should do with it?

Data breaches 81

Data breaches Accountability Telecommunications Malware 81

eSecurity Planet

NOVEMBER 5, 2021

In cases, full disk encryption is a necessary feature. Encrypted data provides an obstacle and a layer of risk mitigation against loss since the data is not easily readable without the right encryption key. Encrypted data involves both data in transit and data at rest. transport layer security) has long been the standard.

Encryption 52

Encryption Software Authentication Passwords 52

CyberSecurity Insiders

JULY 21, 2021

Ensure that account credentials are secure. According to Verizon’s 2021 Data Breach Investigations Report , credentials are the type of data cybercriminals most want to steal in a breach. Employees with the right training, on the other hand, have developed the right habits to help them spot and thwart cyberattacks.

Social Engineering 145

Social Engineering Password Management Passwords Phishing 145

eSecurity Planet

MAY 28, 2021

We look at three RSAC 2021 sessions and some of the most daunting vulnerabilities presented by the SANS Institute, Cybersecurity and Infrastructure Security Agency (CISA), and Varonis Systems. Also Read: And the Winner of the 2021 RSA Innovation Contest is… SANS: Five dangerous new attack techniques and vulnerabilities.

Software 99

Software Firmware DNS VPN 99

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. For a more detailed overview we chose two of the most noteworthy Big Game Hunting ransomware in 2021. Access sellers.

Ransomware 123

Ransomware Encryption Malware Cybercrime 123

Security Affairs

JUNE 30, 2021

Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious purposes. The VPN service was offered for a starting price of €22 ($25). . “On 29th of June 2021, law enforcement took down DoubleVPN.

VPN 130

VPN Cybercrime Encryption Advertising 130

Security Affairs

MAY 2, 2022

In March 2021, hackers gained access to a security company’s surveillance cameras and live-streamed those video feeds from hospitals, jails, schools, police stations, gyms, and even Tesla. Turn off automatic connections to route each device via your VPN-secured WiFi router. Secure Your Network with a VPN.

IoT 127

IoT Cybersecurity VPN Internet 127

Security Affairs

MARCH 27, 2023

The threat actor abused Bitly shortener and an ad hoc BlogSpot account to protect the malicious code, lastly stored in an encrypted zip archive hosted on Mega.nz. The shared secret is used to encrypt the GZipped memory stream using a xor-based algorithm in a compress-then-encrypt fashion.

Malware 83

Malware Social Engineering Encryption Marketing 83

SecureList

NOVEMBER 23, 2021

And plans to improve information security and introduce new protection tools and measures are predicated, in some way, on the chosen adversary model. In 2021, for instance, we have seen many industries brought to a standstill and tens of millions of dollars paid out to ransomwarers. Building on the success of 2021.

Spyware 102

Spyware Phishing Cybercrime Energy and Utilities 102

Security Affairs

JULY 5, 2021

Implement allowlisting to limit communication with remote monitoring and management (RMM) capabilities to known IP address pairs, and/or Place administrative interfaces of RMM behind a virtual private network (VPN) or a firewall on a dedicated administrative network. On Friday (02.07.2021) we launched an attack on MSP providers.

Ransomware 126

Ransomware VPN Backups Firewall 126

Security Affairs

DECEMBER 5, 2021

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter). Follow me on Twitter: @securityaffairs and Facebook.

Spyware 84

Spyware Ransomware Hacking VPN 84

Security Affairs

JULY 29, 2022

Even if you do click on that email and enter a few credentials, if your bank, work VPN, or other access point requires MFA (especially with tokenization, biometrics, or location-based entry), chances are those credentials won’t be enough, and hackers will move on to easier targets. Resistant to phishing. User experience.

Authentication 107

Authentication Passwords Data privacy Identity Theft 107

Security Affairs

FEBRUARY 23, 2020

for cyber 2021 budget for the Department of Defense. Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks. Russian govn blocked Tutanota service in Russia to stop encrypted communication. Russian govn blocked Tutanova service in Russia to stop encrypted communication. US administration requests $9.8B

Artificial Intelligence 62

Artificial Intelligence eCommerce Firmware Hacking 62