Encryption, Firmware, Hacking and VPN - Cyber Security Informer

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. This ransomware encrypts data from victims with AES-256 + RSA-8192 and then demands a ~ 2 BTC ransom to get the files back. . SecurityAffairs – hacking, Fortinet VPN).

VPN

VPN Ransomware Antivirus Firmware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

New Checkmate ransomware target QNAP NAS devices

Security Affairs

JULY 8, 2022

“Once the attacker successfully logs in to a device, they encrypt data in shared folders and leave a ransom note with the file name “!CHECKMATE_DECRYPTION_README” ” The ransomware appends the.checkmate extension to the filenames of encrypted files, it drops a ransom note named !CHECKMATE_DECRYPTION_README

Ransomware

Ransomware Encryption Passwords Internet

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

Security Affairs

SEPTEMBER 22, 2021

The flaw, tracked as CVE-2021-40847, resides in the source of a third-party component included in the firmware of many Netgear devices. SecurityAffairs – hacking, SOHO). This code is part of Circle , which is used to implement parental control features to these devices. R6700v3 – 1.0.4.106 R6900 – 1.0.2.16

DNS

DNS Firmware VPN Risk

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server. In another compromise, the group leveraged on compromised credentials to access a legacy VPN server.

Ransomware

Ransomware VPN Cybercrime Accountability

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware

Ransomware Encryption Passwords Malware

QNAP warns new Deadbolt ransomware attacks exploiting zero-day

Security Affairs

SEPTEMBER 6, 2022

today detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet. We recommend users to make use of the myQNAPcloud Link feature provided by QNAP, or enable the VPN service. Once encrypted the content of the device, the ransomware appends.

Ransomware

Ransomware Internet Internet Encryption

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware DDOS Passwords Backups

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

eSecurity Planet

MARCH 1, 2023

To prevent unwanted access and protect data in transit, wireless connections must be secured with strong authentication procedures, encryption protocols, access control rules, intrusion detection and prevention systems, and other security measures. As a result, wireless networks are prone to eavesdropping, illegal access and theft.

Wireless

Wireless Encryption Authentication IoT

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

“Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Passwords Backups Firmware

CISA is warning of vulnerabilities in GE Power Management Devices

Security Affairs

MARCH 23, 2021

The types of vulnerabilities affecting the devices are Inadequate Encryption Strength, Session Fixation, Exposure of Sensitive Information to an Unauthorized Actor, Improper Input Validation, Unrestricted Upload of File with Dangerous Type, Insecure Default Variable Initialization, Use of Hard-coded Credentials. ” continues the alert.

Firmware

Firmware VPN Firewall Risk

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

According to open-source reporting, since August 2020, DarkSide actors have been targeting multiple large, high-revenue organizations, resulting in the encryption and theft of sensitive data. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. Pierluigi Paganini.

Ransomware

Ransomware Healthcare Phishing Risk

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

As an example, we could use communications between systems that are not properly encrypted. Improper encryption. Hackers or other malicious sources can intercept poorly encrypted communications on the web. Nobody told them that their coffee machine could be hacked into or that their camera could be used to launch a DDoS attack.

IoT

IoT Cybersecurity Manufacturing Internet

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

. “The APT actors may be using any or all of these CVEs to gain access to networks across multiple critical infrastructure sectors to gain access to key networks as pre-positioning for follow-on data exfiltration or data encryption attacks,” continues the advisory. SecurityAffairs – hacking, Fortinet FortiOS).

Passwords

Passwords Government Firmware Accountability

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware

Firmware IoT VPN Authentication

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

Adam Levin

FEBRUARY 10, 2020

But, then again, you may have been hacked–“wiped” being the current term of art and something Iran has earned a reputation for. Consider requiring employees to log in to a VPN (virtual private network), especially if they’re connecting to the company network remotely. You may have made a mistake.

Passwords

Passwords Phishing Password Management Accountability

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. Brute-force attacks on services that use SSH, a more advanced protocol that encrypts traffic, can yield similar outcomes. per day, or $1350 per month. BTC to recover the data.

IoT

IoT DDOS Passwords Malware

Security Affairs newsletter Round 252

Security Affairs

FEBRUARY 23, 2020

Organizers of major hacking conferences in Asia put them on hold due to Coronavirus outbreak. FC Barcelona and the International Olympic Committee Twitter accounts hacked. Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks. Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks.

Artificial Intelligence

Artificial Intelligence eCommerce Firmware Hacking

Exposed security cameras in Israel and Palestine pose significant risks

Security Affairs

OCTOBER 10, 2023

While this communication system is useful for transferring real-time data, it offers neither encryption nor lockout mechanisms against password-guessing. Use encryption mechanisms to secure communications between the camera and the viewing client. A virtual private network (VPN) for remote access is preferred.

Risk

Risk Encryption VPN Passwords

Cyber Security Informer

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Who and What is Behind the Malware Proxy Service SocksEscort?

Trending Sources

New Checkmate ransomware target QNAP NAS devices

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

Daixin Team targets health organizations with ransomware, US agencies warn

FBI published a flash alert on Mamba Ransomware attacks

QNAP warns new Deadbolt ransomware attacks exploiting zero-day

Avoslocker ransomware gang targets US critical infrastructure

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

FBI warns of ransomware attacks targeting the food and agriculture sector

CISA is warning of vulnerabilities in GE Power Management Devices

US CISA and FBI publish joint alert on DarkSide ransomware

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

Overview of IoT threats in 2023

Security Affairs newsletter Round 252

Exposed security cameras in Israel and Palestine pose significant risks

Stay Connected