2021, Firmware and Ransomware - Cyber Security Informer

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised tens of US companies. The FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware

Ransomware Firmware Antivirus Accountability

Ransomware threat to SonicWall Customers

CyberSecurity Insiders

JULY 16, 2021

SonicWall that offers next generation firewalls and various Cybersecurity solutions has announced that its customers using certain products are at a risk of being cyber attacked with ransomware. x firmware is going to reach its EOL aka End of Life. x firmware can use a complimentary virtual SMA 500v until the end of October this year.

Ransomware

Ransomware Firmware Cyber Attacks Firewall

HelloKitty ransomware gang targets vulnerable SonicWall devices

Security Affairs

JULY 18, 2021

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL).

Ransomware

Ransomware Firmware Mobile InfoSec

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Three more ransomware attacks hit Water and Wastewater systems in 2021

Security Affairs

OCTOBER 15, 2021

A joint cybersecurity advisory published by US agencies revealed that three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA revealed three more attacks launched by Ransomware gangs against US water and wastewater treatment facilities (WWS) this year.

Ransomware

Ransomware Cyber threats Firmware Backups

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. The sudo vulnerability aka CVE-2001-3156 , seemed to go under the radar after it was announced and patches were released on 26th January 2021. NCSC ransomware PDF.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

637 flaws in industrial control system (ICS) products were published in H1 2021

Security Affairs

AUGUST 20, 2021

During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. The company reported that during the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors.

Firmware

Firmware Ransomware Manufacturing Software

SonicWall Warning: 'Imminent Risk of a Targeted Ransomware Attack'

SecureWorld News

JULY 14, 2021

Just because the infamous REvil ransomware gang suddenly disappeared this week does not mean it's time to relax on the cybersecurity front. x firmware in an imminent ransomware campaign using stolen credentials. x firmware in an imminent ransomware campaign using stolen credentials.

Risk

Risk Ransomware Firmware Mobile

QNAP force-installs update against the recent wave of DeadBolt ransomware infections

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” states the vendor.

Ransomware

Ransomware Firmware Encryption Engineering

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors. A newly variant of the eCh0raix ransomware is able to infect Network-Attached Storage (NAS) devices from Taiwanese vendors QNAP and Synology. ” reads the report published by Palo Alto Researchers.

Ransomware

Ransomware Encryption Firmware Passwords

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware

Malware Banking Healthcare Penetration Testing

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt Up to date apps and firmware seem not to help either.”

Ransomware

Ransomware Encryption Backups Firmware

Ransomware: February 2022 review

Malwarebytes

MARCH 10, 2022

In this February 2022 ransomware review, we go over some the most successful ransomware incidents based on both open source and dark web intelligence. > BlackByte Ransomware Sample hash: 1df11bc19aa52b623bdf15380e3fded56d8eb6fb7b53a2240779864b1a6474ad. Observed since: February 2022 Ransomware note: .<company_name>

Ransomware

Ransomware Phishing Accountability Technology

Another ransomware payment recovered by the Justice Department

Malwarebytes

JULY 20, 2022

Maui ransomware. Monaco said at the International Conference on Cyber Security: “Thanks to rapid reporting and cooperation from a victim, the FBI and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying ransomware known as ‘Maui.’”. Deputy Attorney General Lisa O.

Ransomware

Ransomware Cryptocurrency Healthcare Firmware

DeadBolt Ransomware Decryption Key Released

SecureWorld News

FEBRUARY 2, 2022

DeadBolt ransomware was recently used to target customers of QNAP, a Taiwanese company that produces network attached storage (NAS) devices. The attacks target a Zero-Day vulnerability that was patched in December 2021 which allows the threat actor to run arbitrary code on vulnerable devices exposed to the internet. January 30, 2022.

Ransomware

Ransomware Firmware Encryption Internet

North Korean APT targets US healthcare sector with Maui ransomware

Malwarebytes

JULY 10, 2022

State-sponsored North Korean threat actors have been targeting the US Healthcare and Public Health (HPH) sector for the past year using the Maui ransomware, according to a joint cybersecurity advisory (CSA) from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury. Dealing with Maui ransomware.

Healthcare

Healthcare Ransomware Encryption Firmware

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Security Affairs

FEBRUARY 14, 2022

The US Federal Bureau of Investigation (FBI) said that the BlackByte ransomware gang has breached at least three organizations from US critical infrastructure sectors. Secret Service (USSS) to provide information on BlackByte ransomware. ” reads the advisory.

Ransomware

Ransomware Accountability Firmware Antivirus

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

A new ransomware strain dubbed Qlocker is infecting hundreds of QNAP NAS devices every day and demanding a $550 ransom payment. Experts are warning of a new strain of ransomware named Qlocker that is infecting hundreds of QNAP NAS devices on daily bases. If anyone's dealing with the QLocker QNAP NAS ransomware, feel free to DM me.

Ransomware

Ransomware Backups Media Malware

Ransomware: April 2022 review

Malwarebytes

MAY 6, 2022

The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence. Onyx is a new ransomware gang based on the old Chaos builder. Ransomware attacks in April 2022. Attacks by ransomware type.

Ransomware

Ransomware Encryption Accountability Technology

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Preceding the conference, the United States experienced its biggest cyberattack on critical infrastructure to date with ransomware hitting Colonial Pipeline. Also Read: And the Winner of the 2021 RSA Innovation Contest is… SANS: Five dangerous new attack techniques and vulnerabilities. Old way New way. Current Target: VBOS.

Software

Software Firmware DNS VPN

Cyber Security Roundup for June 2021

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. a lack of firmware updates, important for security and performance. Colonial Pipeline DarkSide Ransomware Attack. Conti Ransomware takes down Ireland's Health Service.

Ransomware

Ransomware Passwords Scams Cyber Attacks

Lapsus$: The New Name in Ransomware Gangs

Security Boulevard

MARCH 15, 2022

Lapsus$: The New Name in Ransomware Gangs. According to The Record , the largest media conglomerate in Portugal, Impresa, was a target of the Lapsus$ ransomware over the New Year holiday break. The ransomware group specified that “they are not looking for data” but rather to buy remote VPN access to the corporate network.

Ransomware

Ransomware Telecommunications Firmware Media

Bad Luck: BlackCat Ransomware Bulletin

Security Boulevard

MAY 9, 2022

Blackcat Ransomware. On April 19th of 2022, the FBI Cyber Division released a flash bulletin regarding the Blackcat ransomware-for-hire. This was met with mixed reactions - some found the ransomware to be of little concern , others made a case for tracking its progress. Malware Traits of Blackcat Ransomware.

Ransomware

Ransomware Antivirus Backups Passwords

Ransomware rolled through business defenses in Q2 2022

Malwarebytes

JULY 13, 2022

Ransomware has given security professionals a headache for the better part of a decade. Germany, the UK, and Italy also registered high ransomware tallies. To understand how we got here, let’s first take a closer look at recent statistics on the top ransomware variants, countries and industries attacked. Top ransomware variants.

Ransomware

Ransomware Manufacturing Government Computers and Electronics

FBI warns food and agriculture to brace for seasonal ransomware attacks

Malwarebytes

APRIL 28, 2022

The Federal Bureau of Investigation (FBI) recently released a Private Industry Notification warning agriculture cooperatives (also known as “farmers’ co-ops”) of the looming danger of well-timed ransomware attacks. After-effects of ransomware attacks against the FA sector. And corn is a commodity. It fluctuates daily.

Ransomware

Ransomware Technology Firmware Internet

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Pierluigi Paganini.

Ransomware

Ransomware DDOS Passwords Backups

QNAP update stops Deadbolt ransomware, annoys some users, starts debate

Malwarebytes

JANUARY 28, 2022

Earlier this week (25 January, 2022) news broke that a ransomware group was targeting QNAP Network Attached Storage (NAS) devices. QNAP) pushed out an automatic, forced, update with firmware containing the latest security updates to protect against the attackers’ “DeadBolt” ransomware. Today QNAP® Systems, Inc.

Ransomware

Ransomware Firmware Encryption Backups

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Passwords Backups Firmware

Threat profile: Ranzy Locker ransomware

Malwarebytes

OCTOBER 28, 2021

Ranzy Locker ransomware emerged in late 2020, when the variant began to target victims in the United States. Ranzy Locker is a successor of ThunderX and AKO ransomware. Ransomware-as-a-Service. The group behind Ranzy Locker is not very different in its business approach from other “big game” ransomware gangs.

Ransomware

Ransomware Backups Encryption Firmware

DDoS attacks in Q1 2021

SecureList

MAY 10, 2021

Q1 2021 saw the appearance of two new botnets. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. In Q1 2021, cybercriminals also found a host of new tools for amplifying DDoS attacks. News overview.

DDOS

DDOS Cryptocurrency Media Marketing

SonicWall Warning: 'Imminent Risk of a Targeted Ransomware Attack'

SecureWorld News

JULY 14, 2021

Just because the infamous REvil ransomware gang suddenly disappeared this week does not mean it's time to relax on the cybersecurity front. x firmware in an imminent ransomware campaign using stolen credentials. x firmware in an imminent ransomware campaign using stolen credentials.

Risk

Risk Ransomware Firmware Mobile

Over 15 Million Systems Exposed to Known Exploited Vulnerabilities

eSecurity Planet

APRIL 5, 2023

Tens of thousands of new security vulnerabilities are discovered each year; the value of CISA’s KEV catalog is that it helps organizations prioritize the software and firmware flaws that threat groups are actively exploiting — and many of those exploited flaws are older ones that users have failed to apply patches for.

Ransomware

Ransomware Firmware Cybersecurity Healthcare

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

Ransomware attacks on critical infrastructure and a surge in exploited vulnerabilities are getting the attention of U.S. BlackByte Ransomware Attack Methods, IoCs. The FBI-Secret Service warning came just ahead of news that the NFL’s San Francisco 49ers had also been hit by BlackByte ransomware. The FBI and U.S.

Ransomware

Ransomware Encryption Backups Accountability

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. The Cring ransomware appeared in the threat landscape in January, it was first reported by Amigo_A and the CSIRT team of Swisscom. The #CRING #ransomware is then downloaded via certutill.

VPN

VPN Ransomware Antivirus Firmware

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. link] pic.twitter.com/NOPAcEFxM8 — FBI Buffalo (@FBIBuffalo) March 16, 2021.

Education

Education Ransomware Phishing Passwords

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

IT threat evolution Q3 2021. IT threat evolution in Q3 2021. IT threat evolution in Q3 2021. While tracking this threat actor in spring 2021, we discovered a newer version. Targeted attacks exploiting CVE-2021-40444. PC statistics. Mobile statistics. Targeted attacks. WildPressure targets macOS. Other malware.

Malware

Malware Banking Energy and Utilities Accountability

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

Security Affairs

AUGUST 2, 2021

The flaws could be exploited by attackers to conduct a broad range of malicious activities, such as carrying out a man-in-the-middle (MitM) attack to change or deploying ransomware. “This type of control could enable sophisticated and worrisome ransomware attacks, as well as allow attackers to leak sensitive hospital information.”

Healthcare

Healthcare Firmware Manufacturing Ransomware

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

This is our latest installment, focusing on activities that we observed during Q3 2021. This activity seems to have continued and stretched into 2021, when we spotted a set of recent attacks using the same techniques and malware to gain a foothold in diplomatic organizations based in Central Asia. The most remarkable findings.

Malware

Malware Government Surveillance Spyware

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare

Healthcare Ransomware Encryption Passwords

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Security Affairs

MARCH 8, 2021

The flaws affect QNAP NAS firmware versions prior to August 2020. All NAS devices with QNAP firmware released before August 2020 are currently vulnerable to these attacks. QNAP NAS users should check and update their firmware as soon as possible. The malware involved in the campaign was dubbed UnityMiner by 360 Netlab experts.

Cryptocurrency

Cryptocurrency Firmware Malware Threat Detection

Flaws in Dell BIOSConnect feature affect 128 device models

Security Affairs

JUNE 24, 2021

.” Below the list of vulnerability diclosed by the Eclypsium experts: CVE-2021-21571 – Insecure TLS connection from BIOS to Dell, allows threat actors to impersonate Dell.com and deliver malicious code to the victim’s device. The PC maker released client-side BIOS firmware updates to address the other two flaws.

Firmware

Firmware Hacking Technology Ransomware

Security Affairs newsletter Round 347

Security Affairs

JANUARY 2, 2022

If you want to also receive for free the newsletter with the international press subscribe here. If you want to also receive for free the newsletter with the international press subscribe here.

Banking

Banking Firmware Malware Ransomware

QNAP extends security Updates for some EOL devices

Security Affairs

FEBRUARY 15, 2022

NAS devices are privileged targets of cybercriminals, a couple of weeks ago QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. Recently a new wave of Qlocker ransomware was observed targeting QNAP NAS devices worldwide. Pierluigi Paganini.

Firmware

Firmware Ransomware Encryption Hacking

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. “A successful exploit of this issue could impede a company’s ability to bill customers, forcing a disruption of services, similar to the consequences suffered by Colonial Pipeline following its 2021 ransomware attack.”

Firmware

Firmware Authentication Passwords Manufacturing

Security Affairs newsletter Round 376 by Pierluigi Paganini

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. and Blackmatter ransomware U.S. and Blackmatter ransomware U.S. Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. million Twitter accounts available for sale.

Firmware

Firmware Surveillance Malware DDOS

Ranzy Locker ransomware hit tens of US companies in 2021

Ransomware threat to SonicWall Customers

Webinars

Trending Sources

HelloKitty ransomware gang targets vulnerable SonicWall devices

Webinars

Three more ransomware attacks hit Water and Wastewater systems in 2021

Cyber Security Roundup for March 2021

637 flaws in industrial control system (ICS) products were published in H1 2021

SonicWall Warning: 'Imminent Risk of a Targeted Ransomware Attack'

QNAP force-installs update against the recent wave of DeadBolt ransomware infections

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Top 10 Malware Strains of 2021

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Ransomware: February 2022 review

Another ransomware payment recovered by the Justice Department

DeadBolt Ransomware Decryption Key Released

North Korean APT targets US healthcare sector with Maui ransomware

BlackByte ransomware breached at least 3 US critical infrastructure organizations

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Ransomware: April 2022 review

The Biggest Lessons about Vulnerabilities at RSAC 2021

Cyber Security Roundup for June 2021

Lapsus$: The New Name in Ransomware Gangs

Bad Luck: BlackCat Ransomware Bulletin

Ransomware rolled through business defenses in Q2 2022

FBI warns food and agriculture to brace for seasonal ransomware attacks

Avoslocker ransomware gang targets US critical infrastructure

QNAP update stops Deadbolt ransomware, annoys some users, starts debate

FBI warns of ransomware attacks targeting the food and agriculture sector

Threat profile: Ranzy Locker ransomware

DDoS attacks in Q1 2021

SonicWall Warning: 'Imminent Risk of a Targeted Ransomware Attack'

Over 15 Million Systems Exposed to Known Exploited Vulnerabilities

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

FBI warns of increase in PYSA ransomware attacks targeting education

IT threat evolution Q3 2021

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

APT trends report Q3 2021

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Flaws in Dell BIOSConnect feature affect 128 device models

Security Affairs newsletter Round 347

QNAP extends security Updates for some EOL devices

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Affairs newsletter Round 376 by Pierluigi Paganini

Stay Connected