Backups, Firmware, Hacking and Passwords

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. The site also hosts password dumps allegedly stolen from the Russian company. SecurityAffairs – hacking, Fuxnet) Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini

Malware

Malware Firmware IoT Hacking

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

The malware moves all files stored on the device to password-protected 7zip archives and demand the payment of a $550 ransom. “The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks.

Ransomware

Ransomware Backups Media Malware

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

Implement network segmentation and maintain offline backups of data to ensure limited interruption to the organization. Regularly back up data, password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. ransomware and phishing scams).

Ransomware

Ransomware DDOS Passwords Backups

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

The good news is in the latter attack the victims restored its backups. The FBI provided the following mitigations to protect against ransomware attacks: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Passwords Backups Firmware

Half of EDR Tools, Organizations Vulnerable to Clop Ransomware: Researchers

eSecurity Planet

JUNE 30, 2023

This recent exploitation expands their repertoire, highlighting their ability to hack and steal critical data through the MOVEit Transfer web applications with the LEMURLOOT web shell. Backup and Restoration: Keep offline backups of data and execute backup and restore on a regular basis.

Ransomware

Ransomware Backups Passwords Software

New Checkmate ransomware target QNAP NAS devices

Security Affairs

JULY 8, 2022

The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts using weak passwords. All your data has been encrypted, backups have been deleted.

Ransomware

Ransomware Encryption Passwords Internet

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

According to the advisory that was issued with the help of leading cybersecurity firms (Dragos, Mandiant, Microsoft, Palo Alto Networks, and Schneider Electric), nation-state hacking groups were able to hack multiple industrial systems using a new ICS-focused malware toolkit dubbed PIPEDREAM that was discovered in early 2022.

Passwords

Passwords Architecture Backups Cyber Attacks

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware

Ransomware Firmware Antivirus Accountability

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

The ransomware known as Qlocker exploits CVE-2021-28799 to attack QNAP NAS running certain versions of HBS 3 (Hybrid Backup Sync).” Once the ransomware has infected a device, it moves all the files on the NAS into password-protected 7z archives and demands the payment of a $550 ransom. SecurityAffairs – hacking, QNAP NAS).

Ransomware

Ransomware Encryption Backups Firmware

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

Regularly back up data, air gap, and password-protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts. Pierluigi Paganini.

Ransomware

Ransomware Antivirus Passwords Malware

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

According to the alert, when one of the DiskCryptor files are detected, in order to attempt to recover the files without paying the ransom, it is possible to determine if the myConf.txt is still accessible and then recover the password. Install updates/patch operating systems, software, and firmware as soon as they are released. •

Ransomware

Ransomware Encryption Passwords Malware

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

“The actors have leveraged privileged accounts to gain access to VMware vCenter Server and reset account passwords [ T1098 ] for ESXi servers in the environment. Below are the mitigations provided in the alert: Install updates for operating systems, software, and firmware as soon as they are released. ” reads the alert.

Ransomware

Ransomware VPN Cybercrime Accountability

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

SecurityAffairs – hacking, Zeppelin ransomware). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks appeared first on Security Affairs.

Ransomware

Ransomware Encryption Firmware Backups

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Security Affairs

FEBRUARY 14, 2022

The advisory also provides mitigations: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware

Ransomware Accountability Firmware Antivirus

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. • Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts. .

Passwords

Passwords Government Firmware Accountability

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

FormBook FormBook is an information stealer advertised in hacking forums. NanoCore NanoCore is used for stealing victims' information, including passwords and emails. For the top malware strains, the advisory provides six mitigations: Update software, including operating systems, applications, and firmware, on IT network assets.

Malware

Malware Banking Penetration Testing Healthcare

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

The Last Watchdog

APRIL 28, 2020

Sadly, coronavirus phishing and ransomware hacks already are in high gear. Social engineering invariably is the first step in cyber attacks ranging from phishing and ransomware to business email compromise ( BEC ) scams and advanced persistent threat ( APT ) hacks. Leaders of the top hacking collectives are astute and disciplined.

Social Engineering

Social Engineering Cyber Attacks Scams Engineering

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. At the time of publishing this article, the Maze ransomware operators have released three screenshots as proof of the data breach.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. SecurityAffairs – Prima FlexAir, hacking).

Backups

Backups Authentication Advertising Firmware

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. Poor credentials. What does this mean? Vicious insider.

IoT

IoT Cybersecurity Manufacturing Internet

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

eSecurity Planet

MARCH 1, 2023

For example, Wi-Fi protected access (WPA) requires users to provide a password or passphrase to gain access to the network. Ensure that your password is complex, unique, and has a mix of upper and lower case letters, numbers and symbols. Change it often, particularly as employees leave, and use a guest network if possible.

Wireless

Wireless Encryption Authentication IoT

Secure Kali Pi (2022)

Kali Linux

AUGUST 1, 2022

When you format any LUKS partitions, you will be prompted for a password, and while normally you will use a strong password, because we are only using this as a hack to include cryptsetup into our initramfs, the password you create at this prompt will not be needed or used past these steps, so you can set it to something short/quick to type.

Encryption

Encryption Passwords Backups Firmware

Top 9 Cybersecurity Challenges SMEs Currently Face

Responsible Cyber

APRIL 8, 2020

Businesses must also ensure they have secure backups of their critical data. Hence, since ransomware locks down files permanently (unless businesses want to cough up the ransom) backups are a crucial safeguard to recover from the hack. Hold training sessions to help employees manage passwords and identify phishing attempts.

Cybersecurity

Cybersecurity DDOS Small Business Phishing

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Secure practices like robust admin passwords and advanced encryption ensure control over traffic, safeguarding personal information and increasing the odds of a secure online experience. Proper home router practices , such as enabling encryption settings and providing strong default admin passwords, will dramatically improve network security.

Malware

Malware Antivirus Software Passwords

The Hacker Mind Podcast: Hacking Industrial Control Systems

ForAllSecure

APRIL 26, 2022

Like any other criminal hack. It’s about challenging our expectations about the people who hack for a living. A village is like a mini conference within a larger conference and it is not just at DEF CON, ICS village is also at RSAC, Hack the Capital, AvergerCon, BSides, and many more.

Hacking

Hacking Energy and Utilities Manufacturing Firmware

Community Showcase: Raspberry Pi Zero W P4wnP1 A.L.O.A.

Kali Linux

OCTOBER 12, 2022

A L ittle O ffensive A pplication)” It takes the standard Kali Linux image and adds custom software and some extra firmware designed for the Raspberry Pi Zero W to turn it into a Swiss Army knife of attacks and exfiltration. Select the above SSID, and then we login with the password : MaMe82-P4wnP1. GiB) copied, 101 s, 63.6

Wireless

Wireless Passwords DNS Internet

What is Incident Response? Ultimate Guide + Templates

eSecurity Planet

JULY 25, 2023

Phishing attacks: Deceptive techniques, such as fraudulent emails or websites, trick individuals into revealing sensitive information like credit card and payment information, passwords, or login credentials. Remote access trojans (RATs): RATs can be used to remotely gain control of a machine, placing the user’s privacy and security at risk.

Software

Software Data breaches DDOS Ransomware

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Listen to EP 08: Hacking Voting Systems. They invited us and other members of the public to try to hack it. There were PDFs of Election Day passwords that supervisors use to start in elections. Bee: Can you tell me what the password was? It's about challenging our expectations about the people who hack for a living.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Listen to EP 08: Hacking Voting Systems. They invited us and other members of the public to try to hack it. There were PDFs of Election Day passwords that supervisors use to start in elections. Bee: Can you tell me what the password was? It's about challenging our expectations about the people who hack for a living.

Hacking

Hacking Mobile Software Technology

APT Attacks & Prevention

eSecurity Planet

MARCH 23, 2022

Advanced persistent threats come from skilled attackers possessing advanced hacking tools, sophisticated techniques, and possibly large teams. Threat groups have been tolerated in Russia, for example, in exchange for assurances that their hacking activity will be conducted in other countries. Use strong passwords. What Are APTs?

Firewall

Firewall Malware Phishing Software

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 20, 2020

Listen to EP 08: Hacking Voting Systems. They invited us and other members of the public to try to hack it. There were PDFs of Election Day passwords that supervisors use to start in elections. Bee: Can you tell me what the password was? It's about challenging our expectations about the people who hack for a living.

Hacking

Hacking Mobile Software Technology

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

Unique Considerations for Infusion Pump Hacking. Lastly, the pump runs its own custom Real Time Operating System (RTOS) and firmware on a M32C microcontroller. The backup archive can then be downloaded for later restore of the settings. We detail this analysis in section “Unique Consideration for Infusion Pump Hacking” below.

Computers and Electronics

Computers and Electronics Authentication Software Risk

Ransomware: May 2022 review

Malwarebytes

JUNE 3, 2022

Not long after, a hacking group began using the leaked source code to attack targets inside Russia , violating one of ransomware’s unspoken rules. Implement regular backups of all data to be stored as air-gapped, password-protected copies offline. Known ransomware attacks by country, May 2022. Ransomware mitigations.

Ransomware

Ransomware Accountability Technology Firmware

Cyber Security Informer

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Trending Sources

Avoslocker ransomware gang targets US critical infrastructure

FBI warns of ransomware attacks targeting the food and agriculture sector

Half of EDR Tools, Organizations Vulnerable to Clop Ransomware: Researchers

New Checkmate ransomware target QNAP NAS devices

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Ranzy Locker ransomware hit tens of US companies in 2021

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

BlackCat Ransomware gang breached over 60 orgs worldwide

FBI published a flash alert on Mamba Ransomware attacks

Daixin Team targets health organizations with ransomware, US agencies warn

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

BlackByte ransomware breached at least 3 US critical infrastructure organizations

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Top 10 Malware Strains of 2021

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

Maze ransomware operators claim to have breached LG Electronics

CISA warns of critical flaws in Prima FlexAir access control system

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

Secure Kali Pi (2022)

Top 9 Cybersecurity Challenges SMEs Currently Face

How to Prevent Malware: 15 Best Practices for Malware Prevention

The Hacker Mind Podcast: Hacking Industrial Control Systems

Community Showcase: Raspberry Pi Zero W P4wnP1 A.L.O.A.

What is Incident Response? Ultimate Guide + Templates

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

APT Attacks & Prevention

The Hacker Mind Podcast: Hacking Voting Systems

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

Ransomware: May 2022 review

Stay Connected