Krebs on Security

SEPTEMBER 8, 2020

None of the flaws are known to be currently under active exploitation, but 23 of them could be exploited by malware or malcontents to seize complete control of Windows computers with little or no help from users. “We have seen the previously patched Exchange bug CVE-2020-0688 used in the wild, and that requires authentication. .

Software 310

Software Backups Authentication Internet 310

Krebs on Security

DECEMBER 8, 2020

Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. So do yourself a favor and backup before installing any patches.

DNS 336

DNS Backups Malware Software 336

Krebs on Security

JANUARY 14, 2020

As first reported Monday by KrebsOnSecurity, Microsoft addressed a severe bug ( CVE-2020-0601 ) in Windows 10 and Windows Server 2016/19 reported by the NSA that allows an attacker to spoof the digital signature tied to a specific piece of software. So do yourself a favor and backup your files before installing any patches.

Software 282

Software Backups Malware Banking 282

Krebs on Security

JULY 14, 2020

Top of the heap this month in terms of outright scariness is CVE-2020-1350 , which concerns a remotely exploitable bug in more or less all versions of Windows Server that attackers could use to install malicious software simply by sending a specially crafted DNS request.

DNS 330

DNS Backups Software System Administration 330

Krebs on Security

NOVEMBER 4, 2020

“Previously, when a victim of ransomware had adequate backups, they would just restore and go on with life; there was zero reason to even engage with the threat actor,” the report observes. ” Image: Coveware Q3 2020 report. With stolen data, a threat actor can return for a second payment at any point in the future.

Ransomware 361

Ransomware Backups Data breaches Encryption 361

Krebs on Security

FEBRUARY 9, 2021

Nine of the 56 vulnerabilities earned Microsoft’s most urgent “critical” rating, meaning malware or miscreants could use them to seize remote control over unpatched systems with little or no help from users. So do yourself a favor and backup your files before installing any patches.

DNS 340

DNS Backups Software Phishing 340

Krebs on Security

JANUARY 13, 2021

Ten of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by malware or miscreants to seize remote control over unpatched systems with little or no interaction from Windows users. 10 is the most dangerous).

Backups 318

Backups Malware Marketing Software 318

Security Affairs

FEBRUARY 24, 2021

Crooks are exploiting BTC blockchain transactions to hide backup command-and-control (C2) server addresses for a cryptomining botnet. Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2.

Backups 136

Backups Cryptocurrency DNS Malware 136

Adam Levin

DECEMBER 16, 2020

If 2020 taught us anything, it’s to expect the unexpected–and do the best we can in a rapidly changing world. Bad privacy practices, misleading security policies, and sometimes outright malware are all par for the course for free VPN services. as a means of delivering ads, malware, or capturing login credentials.

VPN 245

VPN Antivirus Passwords Backups 245

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin.

Ransomware 355

Ransomware Encryption Backups Manufacturing 355

Adam Levin

AUGUST 26, 2020

In 2020 alone, we’ve seen ransomware attacks bring the operations of international corporations and high-powered law firms to a standstill. Consider researching the alternatives to Zoom to have a backup service in place if there’s another outage. Competing services such as Skype and Google Meet offer free versions.

Education 246

Education Backups Social Engineering Engineering 246

Krebs on Security

OCTOBER 8, 2020

This includes pivoting from or converting a single compromised Microsoft Windows user account to an administrator account with greater privileges on the target network; the ability to sidestep and/or disable any security software; and gaining the access needed to disrupt or corrupt any data backup systems the victim firm may have.

Cybercrime 352

Cybercrime VPN Malware Ransomware 352

Krebs on Security

MAY 11, 2021

Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. ” Another curious bug fixed this month is CVE-2020-24587 , described as a “Windows Wireless Networking Information Disclosure Vulnerability.”

Wireless 316

Wireless Internet Internet Backups 316

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. The malware stole data and encrypted files to block remediation attempts.

Firewall 75

Firewall Hacking Malware Passwords 75

Anton on Security

JANUARY 3, 2023

this data point is from 2020 , so treat this as a low boundary in 2023. This also reminds me that if you are owned, your cloud environment is probably also owned…] “Mandiant research indicates that threat actors are increasingly targeting backups to inhibit reconstitution after an attack. Now, go and read the report!

Cybersecurity 185

Cybersecurity Backups DDOS Ransomware 185

Webroot

MARCH 31, 2021

Are you taking the pledge this World Backup Day? Now in its tenth year, World Backup Day remains one of our favorite reminders of the risks of not backing up the data we hold dear. Numbers are great, and necessary for showing the scope of the problem, but I wanted to see how data loss—and backups—affect real people.

Backups 80

Backups Data preservation Ransomware Encryption 80

Security Affairs

NOVEMBER 24, 2020

Following the takedown, the operators behind the TrickBot malware have implemented several improvements to make it more resilient. What’s more, the malware operators appear to have switched to using MikroTik routers as C&C servers, and were observed using an EmerDNS domain as a backup server. ” contunues the analysis.

Malware 117

Malware Backups Ransomware Hacking 117

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job.

Hacking 359

Hacking Ransomware Banking Accountability 359

Krebs on Security

JUNE 12, 2019

Most of the critical vulnerabilities — those that can be exploited by malware or miscreants to infect systems without any action on the part of the user — are present in Microsoft’s browsers Internet Explorer and Edge. Adobe will stop supporting Flash at the end of 2020. Staying up-to-date on Windows patches is good.

Backups 211

Backups Malware Software Engineering 211

Security Affairs

APRIL 23, 2021

The malware moves all files stored on the device to password-protected 7zip archives and demand the payment of a $550 ransom. The Taiwanese vendor published a security advisory to warn its customers of the ongoing attacks and is urging them to install the latest Malware Remover version and scan their devices for indicators of compromise.

Ransomware 144

Ransomware Backups Media Malware 144

Malwarebytes

JUNE 8, 2022

The common wisdom goes that Linux malware is rare, and for the most part this is true. Thanks to its built-in security defenses, strict user privilege model, and transparent source code, Linux enjoys far fewer malware infections than other operating systems. Cloud Snooper. How it works. How it works. HiddenWasp. How it works.

Malware 122

Malware IoT DDOS Firewall 122

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware 105

Malware Adware Spyware Antivirus 105

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 98

Malware Banking Penetration Testing Healthcare 98

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware 145

Ransomware Encryption VPN Backups 145

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. ” reported The Record. . ” reported The Record. Pierluigi Paganini.

Ransomware 145

Ransomware Encryption Backups Malware 145

CyberSecurity Insiders

FEBRUARY 16, 2021

In another news related to cyber attack, France Cyber Security authorities have detected that the United States SolarWinds cyber attack could have been launched on its infrastructure in 2017 that remained undetected till 2020 or until security firm FireEye revealed it to the world.

Cyber Attacks 144

Cyber Attacks Insurance Backups Encryption 144

Security Affairs

DECEMBER 17, 2020

According to a private industry notification alert (PIN), sent by the FBI to private organizations, the Bureau is aware of extortion activities that have been happening since February 2020. This criminal practice is adopted since August by several gangs, including Sekhmet , Conti , and Ryuk. PIN Number 20201210-001.

Ransomware 144

Ransomware Backups Firmware Accountability 144

Security Affairs

SEPTEMBER 21, 2023

The recently discovered Free Download Manager (FDM) supply chain attack, which distributed Linux malware, started back in 2020. The maintainers of Free Download Manager (FDM) confirmed that the recently discovered supply chain attack dates back to 2020. org subdomain. reported Kasperksy. It’s estimated that much less than 0.1%

Malware 125

Malware Backups Software Hacking 125

Security Affairs

JUNE 24, 2021

The name ChaChi comes from two key components of the malware, Cha shell and Chi sel. ChaChi has been first observed in the wild in the first half of 2020, but cybersecurity experts underestimated it. The malware was recently employed in attacks against large US schools and education organizations. . ” . . ” .

Ransomware 145

Ransomware Education DNS Backups 145

CyberSecurity Insiders

OCTOBER 24, 2021

Hackers are always interested in events that grab the attention of the entire globe and one such sporting event was the Tokyo Olympics 2020 that was postponed by the organizers because of COVID-19 Pandemic and rescheduled and held between July–August 2021 i.e. in this year. Tokyo Olympics 2020 Games were held at a cost of $15.8

Cyber Attacks 141

Cyber Attacks Cyber Risk Backups Education 141

Krebs on Security

FEBRUARY 2, 2021

“As a result, we lost the proxy and destination backup servers,” SPR explained. 16, 2020, several of Joker’s long-held domains began displaying notices that the sites had been seized by the U.S. SPR claims his site lost access to a significant inventory — more than 600,000 unsold stolen payment card accounts.

Cybercrime 255

Cybercrime Media Accountability Hacking 255

CyberSecurity Insiders

APRIL 28, 2021

The product release is happening through Kasten business and K10 happens to be a cloud based backup and disaster recovery software that offers business continuity to Kubernetes environments. Veeam’s Kasten K10 platform supports HPE Ezmeral Container Platforms, Nutanix Karbon, Red Hat OpenShift, Microsoft Azure Stack and backup to NFS Targets.

Ransomware 108

Ransomware Backups Software Encryption 108

Krebs on Security

SEPTEMBER 30, 2023

“Experience in backup, increase privileges, mikicatz, network. In April 2020, Truniger was banned from two of the top Russian cybercrime forums, where members from both forums confirmed that Semen7907 was one of Truniger’s known aliases. Details after contacting on jabber: truniger@xmpp[.]jp.”

Ransomware 277

Ransomware Accountability Cybercrime Backups 277

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. In early 2020, several cybercriminals groups followed suit. About the essayist.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Malwarebytes

APRIL 14, 2022

Zloader or Zbot are common names used to refer to any malware related to the ZeuS family. Zloader has a Domain Generating Algorithm (DGA) embedded within the malware that creates additional domains as a fallback or backup communication channel for the botnet. Legal action. Domain Generating Algorithm. Stay safe, everyone!

Backups 136

Backups Banking Internet Internet 136

Security Affairs

DECEMBER 7, 2021

Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes. “Glupteba malware masquerades as free, downloadable software, videos, or movies (“freeware”) and infects a device when a user clicks on a link to the freeware. .” ” reads the post published by Google.

Backups 130

Backups Advertising Accountability Malware 130

Security Affairs

AUGUST 30, 2022

A team of researchers from the Georgia Institute of Technology has analyzed the backups of more than 400,000 unique web servers and discovered 47,337 malicious plugins installed on 24,931 unique WordPress websites. Post-deployment attacks infected $834K worth of previously benign plugins with malware.” Among these, $41.5K

Backups 144

Backups Malware Technology Hacking 144