Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 81

Data breaches Cybercrime Firewall Artificial Intelligence 81

Security Affairs

NOVEMBER 1, 2021

The ATM black box attacks are quite popular in the cybercrime underground and several threat actors offer the hardware equipment and malware that could be used to compromise the ATMs. The vulnerabilities discovered by the security duo impacts the Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers. score of 6.8.

Hacking 114

Hacking Firmware Encryption Manufacturing 114

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Their objective is to leverage this vulnerability to deploy and install malware on the affected systems. “Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60

Firewall 91

Firewall Firmware VPN DDOS 91

Security Affairs

JULY 15, 2022

Dragos researchers uncovered a small-scale campaign targeting industrial engineers and operators with Sality malware. During a routine vulnerability assessment, Dragos researchers discovered a campaign targeting industrial engineers and operators with Sality malware. “Dragos only tested the DirectLogic-targeting malware.

Passwords 112

Passwords Software Firmware Malware 112

Security Affairs

JULY 18, 2021

“Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Ransomware 115

Ransomware Firmware Mobile InfoSec 115

Security Affairs

DECEMBER 8, 2021

The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable. ” reads the analysis published by Fortinet.

Firmware 121

Firmware DDOS Malware IoT 121

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. 231 banking malware.

Mobile 86

Mobile Advertising Malware Cybercrime 86

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 87

Data breaches Cybercrime Ransomware Passwords 87

Security Affairs

APRIL 25, 2022

The BlackCat/ALPHV a Ransomware was first discovered in December by malware researchers from Recorded Future and MalwareHunterTeam. The malware is the first professional ransomware strain that was written in the Rust programming language. Install and regularly update antivirus and anti-malware software on all hosts.

Ransomware 105

Ransomware Antivirus Passwords Malware 105

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

APRIL 7, 2023

.” The company reported the security breach to the relevant authorities, and it downplayed the incident, saying that the attack had no significant financial and operational impact. In response to the incident, the company announced it is enhancing the information security control measures of its network and infrastructure.

Ransomware 85

Ransomware Firmware Hacking Manufacturing 85

SecureWorld News

JUNE 13, 2023

Two-step phishing attacks are on the rise, with attackers using convincing emails that resemble legitimate vendor communications, often related to electronic signatures, orders, invoices, or tracking information. The new Beep malware is top of mind for organizations and individuals.

Cyber threats 71

Cyber threats Malware Phishing Penetration Testing 71

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS 85

DDOS Firmware Surveillance IoT 85

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws.

IoT 122

IoT Firmware Internet Internet 122

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware 74

Firmware Hacking Cybercrime Information Security 74

Security Affairs

JULY 31, 2022

increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? and Blackmatter ransomware U.S. and Blackmatter ransomware U.S. and Blackmatter ransomware U.S.

Firmware 71

Firmware Surveillance Malware DDOS 71

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 88

Data breaches DDOS Artificial Intelligence Ransomware 88

Security Affairs

DECEMBER 22, 2022

Zerobot operators are offering the botnet as a malware-as-a-service model, one domain (zerostresser[.]com) the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 115

IoT DDOS Malware Firmware 115

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. Implementing HIPAA security measures can prevent the introduction of malware on the system.

Ransomware 68

Ransomware VPN Cybercrime Accountability 68

Security Affairs

MARCH 19, 2022

“As a result, AvosLocker indicators of compromise (IOCs) vary between indicators specific to AvosLocker malware and indicators specific to the individual affiliate responsible for the intrusion.” Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware 97

Ransomware DDOS Passwords Backups 97

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” states the vendor.

Ransomware 89

Ransomware Firmware Encryption Engineering 89

Security Affairs

JULY 5, 2019

Experts discovered a malicious app on Google Play, named Updates for Samsung , that was downloaded by over ten million users that poses as firmware updates. Over ten million users have installed a fake Samsung app named “ Updates for Samsung ” that poses as firmware updates. com via HTTPS. ” concludes the expert.

Scams 69

Scams Firmware Advertising Software 69

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Organizations using Netgear, Huawei, and ZTE network devices are recommended to keep their firmware up to date and use strong passwords. Follow me on Twitter: @securityaffairs and Facebook.

IoT 103

IoT DNS Manufacturing Firmware 103

Security Affairs

SEPTEMBER 2, 2021

As of today, the researchers discovered 16 security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm. Crashes generally trigger a fatal assertion, segmentation faults due to a buffer or heap overflow within the SoC firmware.

Firmware 88

Firmware Manufacturing IoT Technology 88

Security Affairs

NOVEMBER 20, 2021

If you want to also receive for free the newsletter with the international press subscribe here.

Banking 67

Banking Small Business Data breaches Firmware 67

Security Affairs

MARCH 22, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” After QNAP forced the firmware security update, the number of infections dropped to less than 300 in March. It was looking like this problem was behind us.”

Ransomware 97

Ransomware Firmware Internet Internet 97

Security Affairs

MARCH 13, 2022

CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. The post Security Affairs newsletter Round 357 by Pierluigi Paganini appeared first on Security Affairs. Is it fake news? Follow me on Twitter: @securityaffairs and Facebook.

Data breaches 84

Data breaches Firmware Hacking Ransomware 84

Security Affairs

AUGUST 13, 2022

The FBI has observed instances where Zeppelin actors executed their malware multiple times within a victim’s network, resulting in the creation of different IDs or file extensions, for each instance of an attack; this results in the victim needing several unique decryption keys.” ” reads the joint advisory.

Ransomware 85

Ransomware Encryption Firmware Backups 85

Security Affairs

OCTOBER 26, 2021

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Implement network segmentation, such that all machines on your network are not accessible from every other machine. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware 128

Ransomware Firmware Antivirus Accountability 128

Security Affairs

APRIL 25, 2023

Working exploits for LAN and WAN interface accesses were respectively reported by Team Viettel and Qrious Security. In March, TP-Link released a firmware update to address multiple issues, including this vulnerability. The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event.

DDOS 90

DDOS Engineering Firmware Architecture 90

Security Affairs

MARCH 21, 2021

According to BleepingComputer , Kottmann has performed reverse engineering of the firmware used by Verkada and discovered hardcoded credentials for a super admin account. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, cybercrime). Pierluigi Paganini.

Identity Theft 72

Identity Theft Computers and Electronics Surveillance Hacking 72

Security Affairs

JULY 10, 2023

Both tools contain software allowing for device firmware upgrades and customized features such as fingerprint impersonation, GPS spoofing, and network anonymization. Antidetect software can be installed on a cybercriminal’s device or delivered through malware or pirated apps.

Mobile 58

Mobile Banking Firmware Software 58

Security Affairs

AUGUST 10, 2021

Researchers provided the following recommendations for protecting home offices from ransomware attacks: Update device firmware to keep attacks of this nature at bay. Once compromised the device, threat actors employed it in a botnet used in attacks aimed at Linux systems, including Synology NAS.

Ransomware 128

Ransomware Encryption Firmware Passwords 128

Security Affairs

SEPTEMBER 6, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. Ransomware operators are also offering for sale the QNAP the master decryption key for 50 BTC which could allow all the victims of this ransomware family to decrypt their files.

Ransomware 84

Ransomware Internet Internet Encryption 84

Security Affairs

FEBRUARY 24, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. The hijacked QNAP login screen displays a ransom note demanding the payment of 0.03 BTC ransom (roughly $1017) to receive a decryption key to recover the files.

Ransomware 81

Ransomware Encryption Internet Internet 81

Security Affairs

JULY 8, 2022

Go to Control Panel > System > Firmware Update. Next to Lowest SMB version , select SMB 2 or higher. Click Apply. Updating QTS, QuTS hero, or QuTScloud. Log on to QTS, QuTS hero or QuTScloud as administrator. Under Live Update , click Check for Update. QTS, QuTS hero or QuTScloud downloads and installs the latest available update.

Ransomware 92

Ransomware Encryption Passwords Internet 92

Security Affairs

FEBRUARY 14, 2022

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Implement network segmentation, such that all machines on your network are notaccessible from every other machine. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware 88

Ransomware Accountability Firmware Antivirus 88