Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Pierluigi Paganini.

Ransomware 96

Ransomware DDOS Passwords Backups 96

Security Affairs

OCTOBER 26, 2021

The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised tens of US companies. The FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware 126

Ransomware Firmware Antivirus Accountability 126

Security Affairs

DECEMBER 17, 2020

FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay, threatening to send individuals to their homes. “As of February 2020, in multiple instances, DoppelPaymer actors had followed ransomware infections with calls to the victims to extort payments through intimidation or threatening to release exfiltrated data.

Ransomware 137

Ransomware Backups Firmware Accountability 137

Security Affairs

APRIL 25, 2022

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November.

Ransomware 102

Ransomware Antivirus Passwords Malware 102

Security Affairs

AUGUST 10, 2021

A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors. A newly variant of the eCh0raix ransomware is able to infect Network-Attached Storage (NAS) devices from Taiwanese vendors QNAP and Synology. ” reads the report published by Palo Alto Researchers.

Ransomware 125

Ransomware Encryption Firmware Passwords 125

Security Affairs

SEPTEMBER 3, 2021

FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware 95

Ransomware Passwords Backups Firmware 95

Security Affairs

JULY 8, 2022

Taiwanese vendor QNAP wars of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. “A new ransomware known as Checkmate has recently been brought to our attention.

Ransomware 92

Ransomware Encryption Passwords Internet 92

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware 144

Ransomware Encryption Passwords Malware 144

Security Affairs

JANUARY 16, 2022

QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt reads the security advisory published by the vendor.

Ransomware 110

Ransomware Encryption Backups Firmware 110

Malwarebytes

MARCH 17, 2021

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. And this isn’t just limited to ransomware attacks. Consider installing and using a VPN.

Education 107

Education Ransomware Phishing Passwords 107

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. ” reads the security advisory published by the vendor. . Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 110

Ransomware Cryptocurrency Malware Internet 110

Security Affairs

FEBRUARY 24, 2022

Deadbolt ransomware operators are targeting Asustor NAS (network-attached storage) appliances. Storage solutions provider Asustor is warning its customers of a wave of Deadbolt ransomware attacks targeting its NAS devices. Once encrypted the content of the device, the ransomware appends. Source DarkFeed Twitter.

Ransomware 81

Ransomware Encryption Internet Internet 81

Security Affairs

SEPTEMBER 6, 2022

QNAP warns customers of ongoing DeadBolt ransomware attacks that are exploiting a zero-day vulnerability in Photo Station. QNAP warns customers of an ongoing wave of DeadBolt ransomware attacks, threat actors are exploiting a zero-day vulnerability in Photo Station. Once encrypted the content of the device, the ransomware appends.

Ransomware 84

Ransomware Internet Internet Encryption 84

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks.

Ransomware 86

Ransomware Encryption Firmware Backups 86

Security Affairs

FEBRUARY 14, 2022

The US Federal Bureau of Investigation (FBI) said that the BlackByte ransomware gang has breached at least three organizations from US critical infrastructure sectors. Secret Service (USSS) to provide information on BlackByte ransomware. ” reads the advisory.

Ransomware 88

Ransomware Accountability Firmware Antivirus 88

Security Affairs

SEPTEMBER 20, 2020

National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions. PowerShell) to easily deploy tooling or ransomware.

Education 144

Education Ransomware Antivirus Backups 144

Security Affairs

MAY 20, 2022

Taiwanese vendor QNAP warned customers of a new wave of DeadBolt ransomware attacks and urges them to install the latest updates. The company issued the alert in response to a new wave of DeadBolt ransomware attacks targeting NAS devices using QTS 4.3.6 recently detected a new attack by the DEADBOLT Ransomware. and QTS 4.4.1.

Ransomware 95

Ransomware Internet Internet Firmware 95

Security Affairs

APRIL 23, 2021

A new ransomware strain dubbed Qlocker is infecting hundreds of QNAP NAS devices every day and demanding a $550 ransom payment. Experts are warning of a new strain of ransomware named Qlocker that is infecting hundreds of QNAP NAS devices on daily bases. If anyone's dealing with the QLocker QNAP NAS ransomware, feel free to DM me.

Ransomware 116

Ransomware Backups Media Malware 116

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. The Cring ransomware appeared in the threat landscape in January, it was first reported by Amigo_A and the CSIRT team of Swisscom. The #CRING #ransomware is then downloaded via certutill.

VPN 94

VPN Ransomware Antivirus Firmware 94

Malwarebytes

SEPTEMBER 3, 2021

The FBI has issued a Private Industry Notification (PIN) about cybercriminal actors targeting the food and agriculture sector with ransomware attacks. Ransomware attacks targeting the food and agriculture sector disrupt operations, cause financial loss, and negatively impact the food supply chain. ” Internet of Things.

Ransomware 138

Ransomware Manufacturing Passwords Internet 138

Security Affairs

JUNE 25, 2020

Maze ransomware operators claims to have breached the South Korean multinational electronics company LG Electronics. Researchers at Cyble discovered a data leak of LG Electronics published by Maze ransomware operators. Just after the WorldNet Telecommunications, the LG electronics fall as a victim of the Maze ransomware operators.”

Computers and Electronics 101

Computers and Electronics Ransomware Mobile Telecommunications 101

Security Affairs

OCTOBER 15, 2021

A joint cybersecurity advisory published by US agencies revealed that three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA revealed three more attacks launched by Ransomware gangs against US water and wastewater treatment facilities (WWS) this year.

Ransomware 92

Ransomware Cyber threats Firmware Backups 92

Security Affairs

AUGUST 12, 2019

Canon DSLR Camera Infected with Ransomware Over the Air. A researcher discovered 6 flaws in the image transfer protocol used in Canon EOS 80D DSLR cameras that allow him to infect the device with ransomware over the air. An attacker could exploit the flaw to compromise the device and install ransomware on the camera.

Firmware 86

Firmware Ransomware Wireless Encryption 86

Security Affairs

OCTOBER 1, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 98

Artificial Intelligence Firmware Data breaches Hacking 98

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare 110

Healthcare Ransomware Encryption Passwords 110

Security Affairs

MAY 13, 2021

FBI and DHS’s CISA have published a joint alert on DarkSide ransomware activity after the disruptive attack on Colonial Pipeline. FBI and DHS’s CISA have published a joint alert to warn of ransomware attacks conducted by the DarkSide group. The group provides Ransomware-as-a-Service (RaaS) to a network of affiliates.

Ransomware 107

Ransomware Healthcare Phishing Risk 107

Security Affairs

OCTOBER 22, 2022

Healthcare and Public Health sector with ransomware. businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware operations. The Daixin Team is a ransomware and data extortion group that has been active since at least June 2022. ” reads the alert. .” ” reads the alert.

Ransomware 68

Ransomware VPN Cybercrime Accountability 68

Security Affairs

DECEMBER 3, 2020

The infamous TrickBot gets a new improvement, authors added a new feature dubbed “ TrickBoot ” designed to exploit well-known vulnerabilities in the UEFI/BIOS firmware and inject malicious code, such as bootkits. TrickBot, one of the most active botnets, in the world, gets a new improvement by adding a UEFI/BIOS Bootkit Feature.

Firmware 88

Firmware Malware Manufacturing Hacking 88

Security Affairs

MARCH 8, 2021

The flaws affect QNAP NAS firmware versions prior to August 2020. All NAS devices with QNAP firmware released before August 2020 are currently vulnerable to these attacks. QNAP NAS users should check and update their firmware as soon as possible. The malware involved in the campaign was dubbed UnityMiner by 360 Netlab experts.

Cryptocurrency 104

Cryptocurrency Firmware Malware Threat Detection 104

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 86

Ransomware Firmware Advertising Insurance 86

Security Affairs

OCTOBER 9, 2022

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Follow me on Twitter: @securityaffairs and Facebook.

Data breaches 88

Data breaches Firmware Ransomware Hacking 88

Security Affairs

OCTOBER 15, 2023

Lockbit ransomware gang demanded an 80 million ransom to CDW CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

DDOS 94

DDOS Data breaches Cybercrime Ransomware 94

Security Affairs

FEBRUARY 23, 2022

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage. “The actor has so far primarily deployed Cyclops Blink to WatchGuard devices, but it is likely that Sandworm would be capable of compiling the malware for other architectures and firmware.”

Malware 89

Malware Firmware Architecture Firewall 89

Security Affairs

AUGUST 2, 2021

The flaws could be exploited by attackers to conduct a broad range of malicious activities, such as carrying out a man-in-the-middle (MitM) attack to change or deploying ransomware. “This type of control could enable sophisticated and worrisome ransomware attacks, as well as allow attackers to leak sensitive hospital information.”

Healthcare 106

Healthcare Firmware Manufacturing Ransomware 106

Security Affairs

JUNE 5, 2022

Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited Microsoft blocked Polonium attacks against Israeli organizations LockBit ransomware attack impacted production in a Mexican Foxconn plant Conti leaked chats confirm that the gang’s ability to conduct firmware-based attacks An international police operation dismantled FluBot (..)

Spyware 102

Spyware Firmware Ransomware Scams 102

Security Affairs

FEBRUARY 15, 2022

“The support for EOL models will be limited to high or critical security updates until the end of Technical Support and Security Updates date,”. DeadBolt ransomware is targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that allows them to encrypt the content of the infected systems.

Firmware 80

Firmware Ransomware Encryption Hacking 80

Security Affairs

MAY 21, 2023

million NPM packages found containing the TurkoRat infostealer Lemon Group gang pre-infected 9 million Android devices for fraudulent activities Apple fixed three new actively exploited zero-day vulnerabilities KeePass 2.X

Data breaches 87

Data breaches Cybercrime Ransomware Passwords 87