Authentication, Backups, Firmware and Internet

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Security Affairs

MARCH 9, 2022

Uninterruptible power supply (UPS) devices provide emergency backup power for mission-critical systems. Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices. ” continues Armis.

Firmware

Firmware IoT Authentication Backups

FBI issues advisory over Play ransomware

Malwarebytes

DECEMBER 19, 2023

Screenshot of the PLAY leak site The joint CSA emphasizes the importance of having an actionable recovery plan, using multi-factor authentication (MFA) , and keeping all operating systems, software, and firmware up to date. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers.

Ransomware

Ransomware Backups Encryption Firmware

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

Hot for Security

MARCH 17, 2021

“The cyber actors then exfiltrate files from the victim’s network, sometimes using the free opensource tool WinSCP5, and proceed to encrypt all connected Windows and/or Linux devices and data, rendering critical files, databases, virtual machines, backups, and applications inaccessible to users,” according to the advisory. and others.

Education

Education Healthcare Government Ransomware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

“The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. The company also recommends updating the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest versions.

Ransomware

Ransomware Backups Media Malware

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

SecureWorld News

OCTOBER 8, 2023

Use the 3-2-1 backup rule. Turn off the internet connection if you will not be using it for an extended period. Additionally, be cautious when adding new friends; verify their authenticity through known offline connections. Use the administrator account only for maintenance, software installation, or firmware updates.

Firmware

Firmware IoT Accountability Passwords

Warning issued about Vice Society ransomware targeting the education sector

Malwarebytes

SEPTEMBER 7, 2022

The CSA also mentions the gang exploiting internet-facing applications without providing details. But you should also realize that while it’s easy to say that you need reliable and easy to deploy backups, for example, it’s not always easy to follow that advice. Ensure all backup data is encrypted, immutable (i.e.,

Education

Education Ransomware Backups Passwords

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

. “Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. The good news is in the latter attack the victims restored its backups.

Ransomware

Ransomware Passwords Backups Firmware

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Security Affairs

FEBRUARY 14, 2022

The report includes MD5 hashes of suspicious ASPX files discovered on compromised Microsoft Internet Information Services (IIS) servers and a list of commands used by ransomware operators observed by the researchers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware Accountability Firmware Antivirus

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. At the time of publishing this article, the Maze ransomware operators have released three screenshots as proof of the data breach.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

.” Internet of Things. Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to aware of the risks created by connecting this ancient part of our food supply chain to the Internet. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Manufacturing Passwords Internet

Bad Luck: BlackCat Ransomware Bulletin

Security Boulevard

MAY 9, 2022

Either way, this ransomware-for-hire has been around far longer (in internet terms) than the bulletin may have some believe, having been first seen in September 2021. The ransomware targets virtual machines and snapshots, looking to escape containers, encrypt any possible persistence, and wipe out backups that weren’t carefully archived.

Ransomware

Ransomware Antivirus Backups Passwords

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

Below are the mitigations provided in the alert: Install updates for operating systems, software, and firmware as soon as they are released. Require phishing-resistant MFA for as many services as possible—particularly for webmail, VPNs, accounts that access critical systems, and privileged accounts that manage backups.

Ransomware

Ransomware VPN Cybercrime Accountability

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. ” concludes the CISA advisory.

Backups

Backups Authentication Advertising Firmware

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

eSecurity Planet

MARCH 21, 2022

Using misconfigured multi-factor authentication (MFA) and an unpatched Windows vulnerability, Russian state-sponsored hackers were able to breach a non-governmental organization (NGO) and escalate privileges, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI revealed last week. Implement network segmentation.

VPN

VPN Accountability Authentication Passwords

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. Maintain known-good offline backups for faster recovery upon a disruptive attack, and conduct hashing and integrity checks on firmware and controller configuration files to ensure validity of those backups.

Passwords

Passwords Architecture Backups Cyber Attacks

Vulnerability Management Policy Template

eSecurity Planet

MAY 12, 2023

Unauthenticated vulnerability scans should be conducted to view the systems from the perspective of an external hacker and authenticated vulnerability scans should be conducted to view systems from the perspective of a hacker with stolen credentials. Systems that cannot be rolled back will need to be restored from backup or replaced promptly.

Penetration Testing

Penetration Testing Risk Firmware Software

Cloud Security: The Shared Responsibility Model

eSecurity Planet

OCTOBER 20, 2022

Drivers, Firmware, Software : Cloud providers bear responsibility to secure, test, and update the software and code that supports the firmware and the basic software infrastructure of the cloud. The Center for Internet Security (CIS) provides access to hardened images , CIS Controls and CIS Benchmarks as guidance for deployments.

Backups

Backups Firewall Encryption Software

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

Require multi-factor authentication for remote access to OT and IT networks. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. After assessing risks, if RDP is deemed operationally necessary, restrict the originating sources and require multi-factor authentication.

Ransomware

Ransomware Healthcare Phishing Risk

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

The Last Watchdog

APRIL 28, 2020

Make sure you do everything possible to secure your mobile devices and that both the firmware and software are routinely updated. Backup your data frequently on hard drives that aren’t connected 24/7 to the internet. Always remember. Never trust. Always question. Always verify.” I’ll keep watch.

Social Engineering

Social Engineering Cyber Attacks Scams Engineering

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. Unfortunately, at that moment, there were over 300,000 of those cameras connected to the internet. Nowadays, malware is an indispensable part of the internet (even if we do not like it).

IoT

IoT Cybersecurity Manufacturing Internet

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

In March 2021, government experts observed state sponsored hackers scanning the internet for servers vulnerable to the above flaws, the attackers were probing systems on ports 4443, 8443, and 10443. Regularly back up data, air gap, and password protect backup copies offline. Use multifactor authentication where possible.

Passwords

Passwords Government Firmware Accountability

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Malwarebytes

APRIL 5, 2023

2000 Children’s Internet Protection Act (CIPA): Requires K–12 schools to restrict children’s exposure to obscene digital content, monitor the online activity of minors, and educate students about appropriate behavior on the internet. Keep all operating systems, software, and firmware up to date.

Education

Education Ransomware Cybersecurity Risk

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

Threat modeling can be applied to a wide range of things, including software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes. Deploy malicious firmware. link] [link] Have a software/firmware update mechanism. OWASP [link] Back to Table of contents▲ 1.1.

IoT

IoT Firmware Mobile Manufacturing

Network Protection: How to Secure a Network

eSecurity Planet

MARCH 22, 2023

Networks connect devices to each other so that users can access assets such as applications, data, or even other networks such as the internet. Although beyond the scope of the network, effective network security relies upon the effective authentication of the user elsewhere in the security stack.

Firewall

Firewall Network Security Penetration Testing Encryption

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

CVE-2021-33885 – Insufficient Verification of Data Authenticity (CVSS 9.7). CVE-2021-33882 – Missing Authentication for Critical Function (CVSS 8.2). Lastly, the pump runs its own custom Real Time Operating System (RTOS) and firmware on a M32C microcontroller. Braun on January 11, 2021.

Computers and Electronics

Computers and Electronics Authentication Software Risk

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

with no internet. This exposed data includes everything from emails and documents typed to passwords entered for authentication purposes. By obtaining sensitive authentication access, attackers can break into the vendor network or user account. Often organizations can mitigate ransomware attacks by having up-to-date backups.

Malware

Malware Adware Spyware Antivirus

How to protect your business from supply chain attacks

Malwarebytes

FEBRUARY 1, 2023

Any threats coming from the internet must be stopped at the endpoint. And while approval is pending, a separate group creates offline backups of essential files that are needed in the event of an error and affected systems need restoring. Create and test offline backups Speaking of backups, never assume they work.

Software

Software Risk Backups Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. held a pilot of a new Internet voting system. Halderman : In 2010, Washington D.C.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. held a pilot of a new Internet voting system. Halderman : In 2010, Washington D.C.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 20, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. held a pilot of a new Internet voting system. Halderman : In 2010, Washington D.C.

Hacking

Hacking Mobile Software Technology

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources. Passwordless authentication : Eliminates passwords in favor of other types of authentication such as passkeys, SSO, biometrics, or email access. 50% cloud targets.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

APT trends report Q2 2022

SecureList

JULY 28, 2022

In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). Our two private reports provided technical information on the Windows and SPARC variants respectively. Other interesting discoveries.

Malware

Malware Firmware Phishing Cryptocurrency

Cyber Security Informer

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

FBI issues advisory over Play ransomware

Webinars

Trending Sources

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

Webinars

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

Warning issued about Vice Society ransomware targeting the education sector

FBI warns of ransomware attacks targeting the food and agriculture sector

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Maze ransomware operators claim to have breached LG Electronics

FBI warns of ransomware threat to food and agriculture

Bad Luck: BlackCat Ransomware Bulletin

Daixin Team targets health organizations with ransomware, US agencies warn

CISA warns of critical flaws in Prima FlexAir access control system

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Vulnerability Management Policy Template

Cloud Security: The Shared Responsibility Model

US CISA and FBI publish joint alert on DarkSide ransomware

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

IoT Secure Development Guide

Network Protection: How to Secure a Network

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

Types of Malware & Best Malware Protection Practices

How to protect your business from supply chain attacks

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

APT trends report Q2 2022

Top SD-WAN Solutions for Enterprise Security

Stay Connected