Authentication, Backups, Internet and Software

From Backup to Backdoor: Exploitation of CVE-2022-36537 in R1Soft Server Backup Manager

Fox IT

FEBRUARY 22, 2023

During a recent incident response case, we found traces of an adversary leveraging ConnectWise R1Soft Server Backup Manager software (hereinafter: R1Soft server software). The adversary used it as an initial point of access and as a platform to control downstream systems connected via the R1Soft Backup Agent.

Backups

Backups Software Authentication Internet

Patch Tuesday, May 2024 Edition

Krebs on Security

MAY 14, 2024

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. To ensure your Mac is up-to-date, go to System Settings, General tab, then Software Update and follow any prompts.

Microsoft Patch Tuesday, August 2020 Edition

Krebs on Security

AUGUST 11, 2020

Microsoft today released updates to plug at least 120 security holes in its Windows operating systems and supported software, including two newly discovered vulnerabilities that are actively being exploited. Yes, good people of the Windows world, it’s time once again to backup and patch up!

Backups

Backups Internet Internet Malware

Citrix Bleed widely exploitated, warn government agencies

Malwarebytes

NOVEMBER 24, 2023

The vulnerability provides attackers with the capability to bypass multi-factor authentication (MFA) and hijack legitimate user sessions, and is said to be very easy to exploit. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication products are not impacted. Create offsite, offline backups.

Government

Government Ransomware Backups Software

BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

The Last Watchdog

NOVEMBER 18, 2019

What’s happened is this: Digital transformation has raced forward promoting high-velocity software innovation, with only a nod to security. Kim: Yes, companies want assurance that they have an offline backup, yet they also want to be able to monitor what people are doing with those backups, as well.

Backups

Backups Encryption Data privacy Digital transformation

How Secure Is Cloud Storage? Features, Risks, & Protection

eSecurity Planet

JANUARY 18, 2024

Cloud storage is a cloud computing model that allows data storage on remote servers operated by a service provider, accessible via internet connections. Local storage prioritizes direct access, potential cost savings, and reduced reliance on the internet, yet lacks the scalability and security of the cloud.

Risk

Risk Backups Encryption DDOS

FBI and CISA publish guide to Living off the Land techniques

Malwarebytes

FEBRUARY 9, 2024

Implement authentication and authorization controls for all human-to-software and software-to-software interactions regardless of network location. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs. Create offsite, offline backups.

Software

Software Ransomware Backups Manufacturing

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

The Last Watchdog

MARCH 6, 2021

Set-up 2-factor authentication. Two-factor authentication or two-step verification involves adding a step to add an extra layer of protection to accounts. A VPN encrypts all internet traffic so that it is unreadable to anyone who intercepts it. Use antivirus software. Even the most strong password is not enough.

VPN

VPN Firewall Antivirus Passwords

DIVD discloses three new unpatched Kaseya Unitrends zero-days

Security Affairs

JULY 27, 2021

Experts found three new zero-day flaws in the Kaseya Unitrends service and warn users to avoid exposing the service to the Internet. The vulnerabilities include remote code execution and authenticated privilege escalation on the client-side. ” reads the advisory. Pierluigi Paganini. SecurityAffairs – hacking, zero-days).

Backups

Backups Financial Services Internet Internet

Cybersecurity for Nonprofits: Cost-Effective Defense Strategies

SecureWorld News

JANUARY 21, 2024

Some of the most effective ones you can implement include: Employing employee training and awareness With human error often being the weakest link in any company’s operations, it's vital for nonprofits to educate their staff and volunteers, which includes safe internet practices and recognizing potential threats that exist.

Cybersecurity

Cybersecurity Backups Cyber threats Software

Why Schools are Low-Hanging Fruit for Cybercriminals

IT Security Guru

JULY 4, 2023

Schools frequently have old hardware, insufficient security software, and a shortage of cybersecurity staff due to this lack of financial investment. Inadequate Patch Management As obsolete software frequently has known security problems, it is a typical entry point for attackers.

Education

Education Passwords Backups IoT

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Many API vulnerabilities also expose business logic functions in the software. The challenge is around discovery, security testing, protection and the visual understanding of the interconnected nature of this modern software. But business logic abuse may get worse. There will be an increase in compliance requirements, like U.S.

Cybersecurity

Cybersecurity Marketing Encryption CISO

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

As an enterprise security team, you could restrict internet access at your egress points, but this doesn’t do much when the workforce is remote. Back up your data and secure your backups in an offline location. In short, anything accessible from the internet should be given extra attention.

Risk

Risk Ransomware Internet Internet

FBI issues advisory over Play ransomware

Malwarebytes

DECEMBER 19, 2023

Once inside a network, Play uses specialized tools to try and disable anti-virus software and remove log files. Screenshot of the PLAY leak site The joint CSA emphasizes the importance of having an actionable recovery plan, using multi-factor authentication (MFA) , and keeping all operating systems, software, and firmware up to date.

Ransomware

Ransomware Backups Encryption Firmware

7 Cyber Safety Tips to Outsmart Scammers

Webroot

FEBRUARY 26, 2024

They come in all shapes and sizes, lurking in the shadowy corners of the internet. You can also be a good internet citizen by forwarding these scams to the U.S. Keep your devices updated Newsflash: Cybercriminals love exploiting vulnerabilities in outdated software like it’s Black Friday at the cybercrime emporium.

Scams

Scams VPN Passwords Phishing

Giant health insurer struck by ransomware didn't have antivirus protection

Malwarebytes

OCTOBER 11, 2023

The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Detect intrusions. Stop malicious encryption.

Antivirus

Antivirus Insurance Ransomware Healthcare

Recognising Scam Patterns and Preventing Data Loss: A Unified Approach

IT Security Guru

NOVEMBER 20, 2023

By gathering specific information, they craft a meticulously personalised message that appears legitimate, making it exceedingly difficult to distinguish from authentic communication, given their increasing sophistication. Multi-Factor Authentication (MFA): MFA requires users to provide two or more verification methods to gain access.

Scams

Scams Phishing Backups Cyber threats

Zloader, another botnet, bites the dust

Malwarebytes

APRIL 14, 2022

The Zloader at hand is a botnet made up of computing devices in businesses, hospitals, schools, and homes around the world which is run by a global internet-based organized crime gang operating malware as a service that is designed to steal and extort money. Legal action. We also saw this method recently used against the Strontium group.

Backups

Backups Telecommunications Banking Internet

Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach

Malwarebytes

JULY 27, 2021

While they are working as hard as they can to help customers, and customers of their customers, recover from the REvil ransomware attack at the beginning of July, a new vulnerability in their software has been disclosed. Unitrends is a Kaseya company and a provider of all-in-one enterprise backup and continuity solutions.

Backups

Backups Authentication Internet Internet

LastPass was undone by an attack on a remote employee

Malwarebytes

FEBRUARY 28, 2023

After this, the attacker was able to wait until the employee entered their master password and authenticated themselves with multi-factor authentication. Start using multi-factor authentication (MFA) to make your account immune to similar compromises in future. Keep software up to date. Change your router password.

VPN

VPN Media Backups Passwords

Microsoft Patch Tuesday, Sept. 2020 Edition

Krebs on Security

SEPTEMBER 8, 2020

Microsoft today released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software. The majority of the most dangerous or “critical” bugs deal with issues in Microsoft’s various Windows operating systems and its web browsers, Internet Explorer and Edge.

Software

Software Backups Authentication Internet

Microsoft Patch Tuesday, April 2020 Edition

Krebs on Security

APRIL 14, 2020

Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Adobe did release security updates for its ColdFusion, After Effects and Digital Editions software. So do yourself a favor and backup your files before installing any patches.

Backups

Backups Software Internet Internet

Microsoft Patch Tuesday, May 2021 Edition

Krebs on Security

MAY 11, 2021

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft’s Internet Explorer (IE) web browser.

Wireless

Wireless Internet Internet Backups

Kaseya fixed two of the three Kaseya Unitrends zero-days found in July

Security Affairs

AUGUST 26, 2021

Software firm Kaseya addressed Kaseya Unitrends zero-day vulnerabilities that were reported by security researchers at the Dutch Institute for Vulnerability Disclosure (DIVD). The vulnerabilities include remote code execution and authenticated privilege escalation on the client-side. reads the advisory. “Do

Backups

Backups Authentication Financial Services Firewall

IaaS Security: Top 8 Issues & Prevention Best Practices

eSecurity Planet

DECEMBER 19, 2023

Moreover, understanding basic best practices and the varied variety of software contributing to good IaaS cloud security improves your capacity to construct a strong defense against prospective attacks. IaaS is a cloud computing model that uses the internet to supply virtualized computer resources.

Encryption

Encryption Firewall Authentication Software

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

MAY 8, 2019

Key takeaways: Protected backup Even with increased adoption of cloud computing, external storage devices, like USB thumb drives and external hard drives, still have a major role in organizations of all sizes. That’s why DataLocker built encryption into the storage device and made it accessible with password authentication.

Encryption

Encryption Backups Internet Internet

Warning issued about Vice Society ransomware targeting the education sector

Malwarebytes

SEPTEMBER 7, 2022

The CSA also mentions the gang exploiting internet-facing applications without providing details. But you should also realize that while it’s easy to say that you need reliable and easy to deploy backups, for example, it’s not always easy to follow that advice. Ensure all backup data is encrypted, immutable (i.e.,

Education

Education Ransomware Backups Passwords

Exposing the ransomware lie to “leave hospitals alone”

Malwarebytes

JANUARY 9, 2024

Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs. Create offsite, offline backups. Prevent intrusions.

Ransomware

Ransomware Passwords Backups Healthcare

How to work from home securely, the NSA way

Malwarebytes

FEBRUARY 27, 2023

Consider how many folks will only decide to start making backups once they've lost everything for the first time. Much of the NSA's advice leans heavily into ensuring all the little things are taken care of: Keep your software up to date. Use a password manager and two-factor authentication (2FA). Keep your router updated.

Social Engineering

Social Engineering Backups VPN Passwords

The importance of computer identity in network communications: how to protect it and prevent its theft

Security Affairs

DECEMBER 9, 2020

The confidentiality of information in internet communications. Internet communications use the protocol called TCP/IP (Transmission Control Protocol/Internet Protocol), which allows information to be transmitted from one computer to another through a series of intermediate computers and networks. The hash function.

Authentication

Authentication Encryption Passwords Social Engineering

Cisco VPNs without MFA are under attack by ransomware operator

Malwarebytes

AUGUST 28, 2023

The Cisco Product Security Incident Response Team (PSIRT) has posted a blog about Akira ransomware targeting VPNs without Multi-Factor Authentication (MFA). Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs. Create offsite, offline backups.

Ransomware

Ransomware VPN Passwords Backups

Cloud Backup and Recovery: What to Expect in 2018

Spinone

JANUARY 21, 2018

Many IT specialists are predicting that 2018 will be “the year of the cloud”, as companies increasingly have to deal with the backup needs of massive amounts of data, connect more and more devices to the Internet of Things , and start to appreciate the benefits that a cloud-based IT strategy can offer.

Backups

Backups Computers and Electronics Technology Mobile

Portnox Cloud: NAC Product Review

eSecurity Planet

APRIL 19, 2023

Founded in 2007, Por t nox began selling a software-based NAC solution to be used in local networks. authentication to gather endpoint information for reporting and enforcement. Since then Portnox continued to add capabilities, launched the first cloud-native NAC in 2017, and now offers a NAC SaaS solution, Portnox Cloud.

IoT

IoT Authentication VPN Backups

Top 7 MFA Bypass Techniques and How to Defend Against Them

SecureWorld News

AUGUST 5, 2023

Multi-factor authentication (MFA) is a fundamental component of best practices for account security. Traditionally, this approach to authentication delivers a unique code to a user's email or phone, which is then inputted following the account password. SMS-based MFA MFA via SMS (i.e., However, MFA via SMS is not without its issues.

Social Engineering

Social Engineering Authentication Passwords Accountability

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

The Last Watchdog

JANUARY 25, 2021

SolarWinds and Mimecast are long-established, well-respected B2B suppliers of essential business software embedded far-and-wide in company networks. 13, FireEye and Microsoft published this technical report , disclosing how the adversary got in: via trojan malware, dubbed Sunburst , carried in an Orion software update sent to FireEye.

Hacking

Hacking B2B Authentication Software

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

APRIL 15, 2024

Threats range from severe weaknesses in Ivanti’s VPN appliances to zero-day exploits in popular software such as Palo Alto Networks’ PAN-OS and Telegram’s Windows client. You can strengthen your cybersecurity defenses by using reliable antivirus software, firewalls, intrusion detection systems, and virtual private networks (VPNs).

Firewall

Firewall VPN Software Risk

Social Security Numbers leaked in ransomware attack on Ohio History Connection

Malwarebytes

AUGUST 29, 2023

Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs. Create offsite, offline backups. Prevent intrusions.

Ransomware

Ransomware Data breaches Passwords Phishing

Clop ransomware is victimizing GoAnywhere MFT customers

Malwarebytes

MARCH 13, 2023

The CVE of the exploited vulnerability is CVE-2023-0669 , and described as a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. Recent scans showed that around 1,000 administrative consoles are publicly exposed to the internet.

Ransomware

Ransomware Backups Internet Internet

PharMerica breach impacts almost 6 million people

Malwarebytes

MAY 16, 2023

Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs. Create offsite, offline backups. Prevent intrusions.

Identity Theft

Identity Theft Ransomware Data breaches Passwords

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Chinese hackers employed open-source tools for reconnaissance and vulnerability scanning, according to the government experts, they have utilized open-source router specific software frameworks, RouterSploit and RouterScan [ T1595.002 ], to identify vulnerable devices to target. ” reads the advisory published by the US agencies.

Telecommunications

Telecommunications Authentication Passwords Accountability

An Unholy Union: Remote Access and Ransomware

Approachable Cyber Threats

OCTOBER 16, 2020

For example, if your organization allows you to connect directly to your computer using RDP over the internet, then you’re essentially inviting a hacker right in through your front door to cause trouble. million instances of RDP that were open to the internet. accessing a shared drive), and other traffic through the internet (e.g.

Ransomware

Ransomware VPN Internet Internet

Tampa General Hospital half thwarts ransomware attack, but still loses patient data

Malwarebytes

JULY 24, 2023

Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs. Create offsite, offline backups. Prevent intrusions.

Ransomware

Ransomware Computers and Electronics Passwords Identity Theft

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

. “Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. The good news is in the latter attack the victims restored its backups.

Ransomware

Ransomware Passwords Backups Firmware

Microsoft Patch Tuesday, November 2021 Edition

Krebs on Security

NOVEMBER 9, 2021

today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Unlike the four zero-days involved in the mass compromise of Exchange Server systems earlier this year, CVE-2021-42321 requires the attacker to be already authenticated to the target’s system. Microsoft Corp.

Backups

Backups Authentication Passwords Internet

From Backup to Backdoor: Exploitation of CVE-2022-36537 in R1Soft Server Backup Manager

Patch Tuesday, May 2024 Edition

Trending Sources

Microsoft Patch Tuesday, August 2020 Edition

Citrix Bleed widely exploitated, warn government agencies

BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

How Secure Is Cloud Storage? Features, Risks, & Protection

FBI and CISA publish guide to Living off the Land techniques

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

DIVD discloses three new unpatched Kaseya Unitrends zero-days

Cybersecurity for Nonprofits: Cost-Effective Defense Strategies

Why Schools are Low-Hanging Fruit for Cybercriminals

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

FBI issues advisory over Play ransomware

7 Cyber Safety Tips to Outsmart Scammers

Giant health insurer struck by ransomware didn't have antivirus protection

Recognising Scam Patterns and Preventing Data Loss: A Unified Approach

Zloader, another botnet, bites the dust

Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach

LastPass was undone by an attack on a remote employee

Microsoft Patch Tuesday, Sept. 2020 Edition

Microsoft Patch Tuesday, April 2020 Edition

Microsoft Patch Tuesday, May 2021 Edition

Kaseya fixed two of the three Kaseya Unitrends zero-days found in July

IaaS Security: Top 8 Issues & Prevention Best Practices

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

Warning issued about Vice Society ransomware targeting the education sector

Exposing the ransomware lie to “leave hospitals alone”

How to work from home securely, the NSA way

The importance of computer identity in network communications: how to protect it and prevent its theft

Cisco VPNs without MFA are under attack by ransomware operator

Cloud Backup and Recovery: What to Expect in 2018

Portnox Cloud: NAC Product Review

Top 7 MFA Bypass Techniques and How to Defend Against Them

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

Social Security Numbers leaked in ransomware attack on Ohio History Connection

Clop ransomware is victimizing GoAnywhere MFT customers

PharMerica breach impacts almost 6 million people

China-linked threat actors have breached telcos and network service providers

An Unholy Union: Remote Access and Ransomware

Tampa General Hospital half thwarts ransomware attack, but still loses patient data

FBI warns of ransomware attacks targeting the food and agriculture sector

Microsoft Patch Tuesday, November 2021 Edition

Stay Connected