2023, Cybercrime, Firmware and Information Security

Report Reveals Top Cyber Threats, Trends of 2023 First Half

SecureWorld News

JUNE 13, 2023

Critical Start today released its biannual Cyber Intelligence Report, featuring the top threats observed in the first half of 2023 and emerging cybersecurity trends impacting the healthcare, financial services, and state and local government industries. After a brief hiatus, Emotet threat actors resumed their operations in early March 2023.

Cyber threats

Cyber threats Malware Phishing Penetration Testing

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence

Artificial Intelligence Firmware Data breaches Hacking

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. through 4.73, VPN series firmware versions 4.60

Firewall

Firewall Firmware VPN DDOS

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches

Data breaches Cybercrime Firewall Artificial Intelligence

Gafgyt botnet is targeting EoL Zyxel routers

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware

Firmware Hacking Cybercrime Information Security

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches

Data breaches Cybercrime Ransomware Passwords

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform. Residential proxies also can refer to households protected by compromised home routers running factory-default credentials or outdated firmware.

Scams

Scams DDOS Cryptocurrency Accountability

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

The group published a series of screenshots of the company’s CTMS and ERP databases The Money Message group threatens to publish the stolen files by Wednesday, April 12, 2023, if the company will not pay the ransom. Today MSI confirmed the security breach, it confirmed that threat actors had access to some of its information service systems.

Ransomware

Ransomware Firmware Hacking Manufacturing

A new Mirai botnet variant targets TP-Link Archer A21

Security Affairs

APRIL 25, 2023

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451 ) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8)

DDOS

DDOS Engineering Firmware Architecture

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. The threat actors infected at least 8.9

Mobile

Mobile Advertising Malware Cybercrime

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Boulevard

JANUARY 18, 2024

I first explored and predicted the impacts several years ago and called out multiple shifts for the 2023 predictions. Research efforts will also scale across applications, operating systems, firmware, and hardware. Aggressive nations have a ripple effect on the entire cybersecurity industry. In 2024: 1.

Risk

Risk Cybersecurity CISO Technology

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

ForAllSecure

FEBRUARY 22, 2023

There's the you know, these little ESP chips that have like, all in one Wi Fi and a little Linux or a little you know that OS that's just trivial and you download the firmware, you tweak a few things and you've got blinky lights, the magic can talk to other things and like do all sorts of cool stuff. Everybody's building their own badges.

Engineering

Engineering Hacking Wireless Marketing

Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 15, 2023

FBI and CISA published a new advisory on AvosLocker ransomware More than 17,000 WordPress websites infected with the Balada Injector in September Ransomlooker, a new tool to track and analyze ransomware groups’ activities Apple releases iOS 16 update to fix CVE-2023-42824 on older devices Phishing, the campaigns that are targeting Italy A new (..)

DDOS

DDOS Data breaches Cybercrime Ransomware

Cyber Security Informer

Report Reveals Top Cyber Threats, Trends of 2023 First Half

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Trending Sources

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Gafgyt botnet is targeting EoL Zyxel routers

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Interview With a Crypto Scam Investment Spammer

MSI confirms security breach after Money Message ransomware attack

A new Mirai botnet variant targets TP-Link Archer A21

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected