Firmware, Information Security, Ransomware and VPN

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. The Cring ransomware appeared in the threat landscape in January, it was first reported by Amigo_A and the CSIRT team of Swisscom. SecurityAffairs – hacking, Fortinet VPN).

VPN

VPN Ransomware Antivirus Firmware

NSA, CISA release guidance on hardening remote access via VPN solutions

Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN

VPN Government Firmware Authentication

HelloKitty ransomware gang targets vulnerable SonicWall devices

Security Affairs

JULY 18, 2021

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL).

Ransomware

Ransomware Firmware Mobile InfoSec

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

SonicWall has issued an urgent security alert to warn customers of “ an imminent ransomware campaing ” targeting EOL equipment. SonicWall has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL). x firmware versions.

Firmware

Firmware Ransomware Passwords Mobile

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure.

Ransomware

Ransomware DDOS Passwords Backups

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

Healthcare and Public Health sector with ransomware. businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware operations. The Daixin Team is a ransomware and data extortion group that has been active since at least June 2022. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware

Ransomware VPN Cybercrime Accountability

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Passwords Backups Firmware

AgeLocker ransomware operation targets QNAP NAS devices

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. ” reads the security advisory published by the vendor. . ” continues the advisory. Pierluigi Paganini.

Ransomware

Ransomware Cryptocurrency Malware Internet

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November.

Ransomware

Ransomware Antivirus Passwords Malware

New Checkmate ransomware target QNAP NAS devices

Security Affairs

JULY 8, 2022

Taiwanese vendor QNAP wars of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. “A new ransomware known as Checkmate has recently been brought to our attention.

Ransomware

Ransomware Encryption Passwords Internet

QNAP warns new Deadbolt ransomware attacks exploiting zero-day

Security Affairs

SEPTEMBER 6, 2022

QNAP warns customers of ongoing DeadBolt ransomware attacks that are exploiting a zero-day vulnerability in Photo Station. QNAP warns customers of an ongoing wave of DeadBolt ransomware attacks, threat actors are exploiting a zero-day vulnerability in Photo Station. This is to enhance the security of your QNAP NAS.

Ransomware

Ransomware Internet Internet Encryption

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware

Ransomware Encryption Passwords Malware

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. And this isn’t just limited to ransomware attacks. Consider installing and using a VPN.

Education

Education Ransomware Phishing Passwords

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

The FBI has issued a Private Industry Notification (PIN) about cybercriminal actors targeting the food and agriculture sector with ransomware attacks. Ransomware attacks targeting the food and agriculture sector disrupt operations, cause financial loss, and negatively impact the food supply chain. Consider installing and using a VPN.

Ransomware

Ransomware Manufacturing Passwords Internet

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

FBI and DHS’s CISA have published a joint alert on DarkSide ransomware activity after the disruptive attack on Colonial Pipeline. FBI and DHS’s CISA have published a joint alert to warn of ransomware attacks conducted by the DarkSide group. The group provides Ransomware-as-a-Service (RaaS) to a network of affiliates.

Ransomware

Ransomware Healthcare Phishing Risk

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare

Healthcare Ransomware Encryption Passwords

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN

VPN Firewall Firmware Authentication

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances. Citrix blog post: security updates for Citrix SD-WAN WANOP release 10.2.6 Citrix blog post: firmware updates for Citrix ADC and Citrix Gateway versions 12.1

Government

Government VPN Firmware Energy and Utilities

Security Affairs newsletter Round 309

Security Affairs

APRIL 11, 2021

Every week the best security articles from Security Affairs free for you in your email box. Clop Ransomware operators plunder US universities Malware attack on Applus blocked vehicle inspections in some US states 2,5M+ users can check whether their data were exposed in Facebook data leak 33.4%

Cyber Attacks

Cyber Attacks Firmware Malware VPN

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Last week’s RSA Conference covered a litany of network security vulnerabilities, from developing more robust tokenization policies and to addressing UEFI-based attacks, and non-endpoint attack vectors. Ransomware: Encryption, Exfiltration, and Extortion. Also Read: Types of Malware | Best Malware Protection Practices for 2021.

Software

Software DNS Firmware VPN

Security Affairs newsletter Round 252

Security Affairs

FEBRUARY 23, 2020

Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks. Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack. 5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure. US CISA warns of Ransomware attacks impacting pipeline operations.

Artificial Intelligence

Artificial Intelligence eCommerce Firmware Hacking

Cyber Security Informer

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

NSA, CISA release guidance on hardening remote access via VPN solutions

Trending Sources

HelloKitty ransomware gang targets vulnerable SonicWall devices

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Avoslocker ransomware gang targets US critical infrastructure

Daixin Team targets health organizations with ransomware, US agencies warn

FBI warns of ransomware attacks targeting the food and agriculture sector

AgeLocker ransomware operation targets QNAP NAS devices

BlackCat Ransomware gang breached over 60 orgs worldwide

New Checkmate ransomware target QNAP NAS devices

QNAP warns new Deadbolt ransomware attacks exploiting zero-day

FBI published a flash alert on Mamba Ransomware attacks

FBI warns of increase in PYSA ransomware attacks targeting education

FBI warns of ransomware threat to food and agriculture

US CISA and FBI publish joint alert on DarkSide ransomware

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs newsletter Round 309

The Biggest Lessons about Vulnerabilities at RSAC 2021

Security Affairs newsletter Round 252

Stay Connected