Backups, Firmware and Information - Cyber Security Informer

Quantum Threats and How to Protect Your Data

SecureWorld News

DECEMBER 8, 2024

This approach poses a significant threat, as sensitive information transmitted today could be decrypted in the future. For example, in the financial sector, if a quantum computer breaks encryption on data in transit, a threat actor could access confidential information, resulting in severe financial and reputational damage.

Encryption

Encryption Firewall Firmware Education

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. We are actively investigating the issue and will provide an updated advisory when we have more information.” . “In some cases, this compromise has led to a factory reset that appears to erase all data on the device.

Internet

Internet Internet Backups Small Business

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint cybersecurity advisory warning organizations about the escalating threat posed by the Medusa ransomware.

Ransomware

Ransomware Backups Firmware Insurance

Mercedes-Benz Head Unit security research report

SecureList

JANUARY 17, 2025

Full information on the MBUX architecture can be found in the KeenLab research. Firmware The MMB runs on Linux, and its filesystems are located on the eMMC. Custom IPC Inside the head unit, firmware services use custom IPC protocols for communication between their own threads, other services and other ECUs.

Backups

Backups Architecture Firmware Software

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Jane Frankland

MAY 3, 2025

link] Meanwhile, the Co-op is grappling with claims from cyber criminals that they possess the private information of 20 million members from its membership scheme. Whether its informing employees, customers, or stakeholders, timely and transparent communication can significantly limit reputational damage and maintain trust.

Cyber Attacks

Cyber Attacks Retail Cyber threats Backups

Triada strikes back

SecureList

APRIL 25, 2025

With time, the vulnerabilities were patched, and restrictions were added to the firmware. Attackers are leveraging this by embedding malicious software into Android device firmware. Attackers are now embedding a sophisticated multi-stage loader directly into device firmware. oat ) located in the same directory.

Cryptocurrency

Cryptocurrency Malware Firmware Accountability

Ranzy Locker Ransomware warning issued by FBI

CyberSecurity Insiders

OCTOBER 28, 2021

Investigations made by the law enforcement agency state that the ransomware gang has so far targeted financial sector based companies and have stolen millions of files, including banking transactions, customer details, contact information, and other such details before encrypting the files.

Ransomware

Ransomware Firmware Backups Encryption

Spectre and Meltdown Attacks Against Microprocessors

Schneier on Security

JANUARY 5, 2018

Information about these flaws has been secretly circulating amongst the major IT companies for months as they researched the ramifications and coordinated updates. The second is that some of the patches require updating the computer's firmware. It also requires more coordination.

Firmware

Firmware Software Phishing Engineering

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

Malwarebytes

MAY 8, 2023

On April 7, 2023 MSI (Micro-Star International) released a statement confirming a cyberattack on part of its information systems. The Money Message gang claimed to have stolen 1.5TB of data during the attack, including firmware, source code, and databases. Create offsite, offline backups. Don’t get attacked twice.

Firmware

Firmware Ransomware Backups Malware

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

DECEMBER 17, 2020

Early this month, Evgueni Erchov, Director of IR & Cyber Threat Intelligence at Arete Incident Response, told ZDNet that multiple ransomware gangs are cold-calling victims if they don’t pay the ransom and attempt to restore from backups. Patch operating systems, software, firmware, and endpoints.

Ransomware

Ransomware Backups Firmware Accountability

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.” Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware Firmware Antivirus Accountability

Topic-specific policy 7/11: backup

Notice Bored

OCTOBER 19, 2021

when I read the recommendation for a topic-specific policy on backup. If you already have a backup policy (or something with a vaguely similar title), I urge you to dig it out at this point and study it (again!) Is your backup policy exclusively about backing up computer data , most likely digital data from corporate IT systems?

Backups

Backups Risk Internet Internet

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

“The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. The company also recommends updating the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest versions.

Ransomware

Ransomware Backups Media Malware

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

“Companies may also experience the loss of proprietary information and personally identifiable information (PII) and may suffer reputational damage resulting from a ransomware attack.” The good news is in the latter attack the victims restored its backups. ” reads the FBI’s PIN.

Ransomware

Ransomware Backups Passwords Firmware

Luna HSMs FIPS 140-3 Validation

Thales Cloud Protection & Licensing

APRIL 3, 2024

Luna HSMs FIPS 140-3 Validation sparsh Wed, 04/03/2024 - 07:52 FIPS 140-3 and You, Part Two Awhile back, we shared that Thales Luna HSMs were about to kick-off the process of moving towards Federal Information Processing Standard (FIPS) 140-3 Level 3, the newest security standard to accredit cryptographic modules. And that’s it!

Firmware

Firmware Technology Backups Marketing

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Security Affairs

OCTOBER 3, 2018

The list of vulnerable devices includes eight LenovoEMC NAS (PX) models, nine Iomega StoreCenter (PX and IX) models and the Lenovo branded devices; ix4-300d, ix2 and EZ Media and Backup Center. Lenovo confirmed that firmware versions 4.1.402.34662 and earlier are vulnerable, users have to download firmware version 4.1.404.34716 (or later).

Hacking

Hacking Firmware Advertising Backups

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. At the time of publishing this article, the Maze ransomware operators have released three screenshots as proof of the data breach.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

Security Affairs

FEBRUARY 6, 2024

The malware survives reboots and firmware upgrades. “Notably, the COATHANGER implant is persistent, recovering after every reboot by injecting a backup of itself in the process responsible for rebooting the system. Moreover, the infection survives firmware upgrades.” ” continues the report.

Malware

Malware Firmware VPN Backups

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

The ransomware known as Qlocker exploits CVE-2021-28799 to attack QNAP NAS running certain versions of HBS 3 (Hybrid Backup Sync).” Then it also deletes snapshots to prevent restoring of data from the backups and drops a ransom note (named !!!READ_ME.txt) Up to date apps and firmware seem not to help either.”

Ransomware

Ransomware Encryption Backups Firmware

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The website ruexfil.com provided detailed information about the attacks against Moscollector, the hackers also published screenshots of monitoring systems, servers, and databases they claim to have compromised. The site also hosts password dumps allegedly stolen from the Russian company. . YouTube Video 1 , YouTube Video 2 ).

Malware

Malware Firmware IoT Hacking

Data Deletion Methods: What’s Best for Sensitive Data?

eSecurity Planet

MARCH 18, 2022

Depending upon the sensitivity of the information, an IT professional may need to pursue more sophisticated levels of deletion or even destroy the hard drive itself. Once the user empties the Trash folder, the operating system removes the file information from the storage directory. Magnetic Platter Hard Drives.

Firmware

Firmware Software Technology Ransomware

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

Hot for Security

MARCH 17, 2021

“The cyber actors then exfiltrate files from the victim’s network, sometimes using the free opensource tool WinSCP5, and proceed to encrypt all connected Windows and/or Linux devices and data, rendering critical files, databases, virtual machines, backups, and applications inaccessible to users,” according to the advisory. and others.

Education

Education Healthcare Government Ransomware

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Security Affairs

MARCH 9, 2022

Uninterruptible power supply (UPS) devices provide emergency backup power for mission-critical systems. Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices.

Firmware

Firmware IoT Authentication Backups

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

Implement network segmentation and maintain offline backups of data to ensure limited interruption to the organization. Regularly back up data, password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. hard drive, storage device, the cloud).

Ransomware

Ransomware DDOS Passwords Backups

Data Deletion Methods: What’s Best for Sensitive Data?

eSecurity Planet

MARCH 18, 2022

Depending upon the sensitivity of the information, an IT professional may need to pursue more sophisticated levels of deletion or even destroy the hard drive itself. Once the user empties the Trash folder, the operating system removes the file information from the storage directory. Magnetic Platter Hard Drives.

Firmware

Firmware Software Technology Ransomware

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

backup servers, network shares, servers, auditing devices). In some attacks, government experts also observed the sabotage of backup or auditing devices to make recovery more difficult, the encryption of entire virtual servers, the use of scripting environments (i.e.

Education

Education Ransomware Antivirus Backups

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 16, 2024

Patch it now!

Data breaches

Data breaches Hacking Ransomware Cyber Attacks

Warning issued about Vice Society ransomware targeting the education sector

Malwarebytes

SEPTEMBER 7, 2022

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA) after observing Vice Society threat actors disproportionately targeting the education sector with ransomware attacks.

Education

Education Ransomware Backups Passwords

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

The FBI is seeking any information that can be shared related to the operations of the BlackCat ransomware operation. Regularly back up data, air gap, and password-protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware Antivirus Passwords Malware

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The ransom note includes information such as host system name, the threat actor’s email address, the ransomware file name, and indications on where to enter the decryption key. Furthermore, victims are told to contact the attackers by email to receive information on how they can pay a ransom to receive the decryption key.

Ransomware

Ransomware Encryption Passwords Malware

Top 12 Firewall Best Practices to Optimize Network Security

eSecurity Planet

DECEMBER 10, 2023

For in-depth log data analysis, explore using a security information and event management (SIEM) tool. Automate Patches and Updates Ensure strong network security by automating regular updates of firewall firmware and installing security patches as soon as they become available.

Firewall

Firewall Network Security Backups Education

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

SecureWorld News

OCTOBER 8, 2023

Armed with this information, hackers often try to exploit vulnerabilities in home devices and networks to breach corporate networks. Use the 3-2-1 backup rule. Here are some key safety guidelines to consider: Restrict who can view your personal information. Cyberattacks on home networks are getting more advanced.

Firmware

Firmware IoT Accountability Passwords

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. ” concludes the CISA advisory.

Backups

Backups Authentication Advertising Firmware

FBI issues advisory over Play ransomware

Malwarebytes

DECEMBER 19, 2023

Screenshot of the PLAY leak site The joint CSA emphasizes the importance of having an actionable recovery plan, using multi-factor authentication (MFA) , and keeping all operating systems, software, and firmware up to date. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers.

Ransomware

Ransomware Backups Encryption Firmware

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The FBI also encourages organizations to report any interactions with Zeppelin operators, including logs, Bitcoin wallet information, encrypted file samples, and decryptor files. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, Zeppelin ransomware).

Ransomware

Ransomware Encryption Firmware Backups

How to Decrypt Ransomware Files – And What to Do When That Fails

eSecurity Planet

OCTOBER 18, 2022

The best defense and the best option for recovery will always be the availability of sufficient, isolated data backups and a practiced restoration process. However, even with the best planning, organizations can find a few users, machines, or systems that were overlooked or whose backup may be corrupted or encrypted.

Ransomware

Ransomware Encryption Insurance Backups

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Security Affairs

FEBRUARY 14, 2022

Secret Service (USSS) to provide information on BlackByte ransomware. The report includes MD5 hashes of suspicious ASPX files discovered on compromised Microsoft Internet Information Services (IIS) servers and a list of commands used by ransomware operators observed by the researchers. ” reads the advisory.

Ransomware

Ransomware Accountability Firmware Encryption

QNAP update stops Deadbolt ransomware, annoys some users, starts debate

Malwarebytes

JANUARY 28, 2022

QNAP) pushed out an automatic, forced, update with firmware containing the latest security updates to protect against the attackers’ “DeadBolt” ransomware. more information] You can enter the decryption key below to start the decryption process and get access to all your files again. Today QNAP® Systems, Inc.

Ransomware

Ransomware Firmware Encryption Backups

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

Maintain known-good offline backups for faster recovery upon a disruptive attack, and conduct hashing and integrity checks on firmware and controller configuration files to ensure validity of those backups. Limit ICS/SCADA systems’ network connections to only specifically allowed management and engineering workstations.

Passwords

Passwords Backups Architecture Cyber Attacks

Western Digital: Disconnect My Book Live drives immediately

SC Magazine

JUNE 25, 2021

Western Digital stopped supporting My Live drives in 2015, and have not updated their firmware since. Western Digital stopped supporting My Live drives in 2015, and have not updated their firmware since then. Hackers appeared to be taking advantage of a vulnerability first published in 2019. AnneElizH/CC BY-SA 4.0/[link].

Firmware

Firmware Media Internet Internet

North Korean APT targets US healthcare sector with Maui ransomware

Malwarebytes

JULY 10, 2022

“When executed at the command line without any arguments, Maui prints usage information, detailing supported command-line parameters,” Stairwell Principal Research Engineer Silas Cutler wrote in the report. Keep operating systems, applications, and firmware up to date. Create a cybersecurity response plan.

Healthcare

Healthcare Ransomware Encryption Firmware

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

The FBI notice includes the following recommendations: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. ” Internet of Things. Implement network segmentation. hard drive, storage device, the cloud).

Ransomware

Ransomware Manufacturing Passwords Internet

APT trends report Q2 2022

SecureList

JULY 28, 2022

Readers who would like to learn more about our intelligence reports or request more information on a specific report, are encouraged to contact intelreports@kaspersky.com. Our two private reports provided technical information on the Windows and SPARC variants respectively. The most remarkable findings. Chinese-speaking activity.

Malware

Malware Firmware Phishing Cryptocurrency

Deadbolt Ransomware targets Asustor and QNap NAS Devices

Security Affairs

FEBRUARY 24, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. Make an immediate backup. The hijacked QNAP login screen displays a ransom note demanding the payment of 0.03 ” reads the advisory published by the vendor.

Ransomware

Ransomware Encryption Internet Internet

Quantum Threats and How to Protect Your Data

MyBook Users Urged to Unplug Devices from Internet

Trending Sources

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

Mercedes-Benz Head Unit security research report

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Triada strikes back

Ranzy Locker Ransomware warning issued by FBI

Spectre and Meltdown Attacks Against Microprocessors

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Ranzy Locker ransomware hit tens of US companies in 2021

Topic-specific policy 7/11: backup

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

FBI warns of ransomware attacks targeting the food and agriculture sector

Luna HSMs FIPS 140-3 Validation

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Maze ransomware operators claim to have breached LG Electronics

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Data Deletion Methods: What’s Best for Sensitive Data?

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Avoslocker ransomware gang targets US critical infrastructure

Data Deletion Methods: What’s Best for Sensitive Data?

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Warning issued about Vice Society ransomware targeting the education sector

BlackCat Ransomware gang breached over 60 orgs worldwide

FBI published a flash alert on Mamba Ransomware attacks

Top 12 Firewall Best Practices to Optimize Network Security

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

CISA warns of critical flaws in Prima FlexAir access control system

FBI issues advisory over Play ransomware

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

How to Decrypt Ransomware Files – And What to Do When That Fails

BlackByte ransomware breached at least 3 US critical infrastructure organizations

QNAP update stops Deadbolt ransomware, annoys some users, starts debate

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Western Digital: Disconnect My Book Live drives immediately

North Korean APT targets US healthcare sector with Maui ransomware

FBI warns of ransomware threat to food and agriculture

APT trends report Q2 2022

Deadbolt Ransomware targets Asustor and QNap NAS Devices

Stay Connected