Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co.,

Firewall 75

Firewall Hacking Malware Passwords 75

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. On the 6th Feb, we released an updated firmware to address this issue.” firmware or later. ” continues the experts.

Firmware 123

Firmware VPN Accountability Advertising 123

Krebs on Security

MAY 22, 2023

pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 303

Scams DDOS Cryptocurrency Accountability 303

Security Affairs

SEPTEMBER 15, 2020

” The list of vulnerabilities targeted by the Chinese hackers are: CVE-2020-5902 : F5 Big-IP Vulnerability – CISA has conducted incident response engagements at Federal Government and commercial entities where the threat actors exploited CVE-2020-5902. “According to a recent U.S.

Government 104

Government VPN Firmware Energy and Utilities 104

Security Affairs

MAY 1, 2021

If you must connect your NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.” Threat actors were exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the vendor in October 2020.

Ransomware 143

Ransomware Cryptocurrency Malware Internet 143

Security Affairs

NOVEMBER 29, 2020

Tracked as CVE-2020-25159 , the flaw is rated 9.8 The flaw, tracked as CVE-2020-25159, has received a CVSS score of 9.8 Experts was that vendors may have bought vulnerable versions of this stack before the 2012 update and are still using it in their firmware. Also recognize that VPN is only as secure as the connected devices.

Hacking 140

Hacking Firmware Internet Internet 140

Security Affairs

JANUARY 14, 2024

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. ” concludes the analysis.

Firewall 134

Firewall Firmware Cyber Attacks VPN 134

Security Affairs

DECEMBER 22, 2022

includes several new flaws, including: Vulnerability Affected software CVE-2017-17105 Zivif PR115-204-P-RS CVE-2019-10655 Grandstream CVE-2020-25223 WebAdmin of Sophos SG UTM CVE-2021-42013 Apache CVE-2022-31137 Roxy-WI CVE-2022-33891 Apache Spark ZSL-2022-5717 MiniDVBLinux. “Since the release of Zerobot 1.1,

IoT 125

IoT DDOS Malware Firmware 125

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. hard drive, storage device, the cloud). Pierluigi Paganini.

Government 103

Government Passwords Accountability Firmware 103

SecureList

MAY 10, 2021

To prevent attacks via RDP, it is recommended to hide RDP servers behind a VPN or disable UDP port 3389. That said, a VPN is no panacea if it too is vulnerable to amplification attacks. In Q1 2021, for instance, attackers went after Powerhouse VPN servers. Comparative number of DDoS attacks, Q1 2021, Q1 2020, and Q4 2020.

DDOS 141

DDOS Cryptocurrency Media Marketing 141

eSecurity Planet

APRIL 28, 2022

Malicious actors tend to focus on internet-facing systems to gain entry into a network, such as email and virtual private network (VPN) servers, using exploits targeting newly disclosed vulnerabilities. CVE-2020-1472. CVE-2020-0688. CVE-2020-2509. Also read: Best Patch Management Software & Tools. “U.S.,

Cybersecurity 115

Cybersecurity Software Firmware Internet 115

Security Affairs

SEPTEMBER 3, 2021

In another incident that occurred in March 2021, a ransomware attack blocked the operations at a US beverage company, while in a November 2020 attack on a US-based international food and agriculture business threat actors requested the payment of a gigantic $40 million ransom. Consider installing and using a VPN.

Ransomware 118

Ransomware Passwords Backups Firmware 118

Malwarebytes

SEPTEMBER 3, 2021

As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020. Malwarebytes recorded a 607% increase in agriculture sector attacks in 2020. Consider installing and using a VPN.

Ransomware 143

Ransomware Manufacturing Passwords Internet 143

Security Affairs

MAY 13, 2021

The Darkside ransomware gang first emerged in the threat landscape in August 2020, in recent months the group was very active and targeted organizations worldwide. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. other than VPN gateways, mail ports, web ports).

Ransomware 141

Ransomware Healthcare Phishing Risk 141

eSecurity Planet

MAY 28, 2021

From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. While the design of a unified extensible firmware interface (UEFI) overcame BIOS limitations, both components critical to computer operation are an increasing target. Current Target: VBOS.

Software 120

Software DNS Firmware VPN 120

SiteLock

AUGUST 27, 2021

To help avoid these online risks, it is highly recommended to use a Virtual Private Network (VPN). VPNs are the baseline cybersecurity tool to safeguard internet-enabled devices and a home network. A VPN provides a secure internet connection, ensuring your browsing data is encrypted for maximum privacy and security.

IoT 98

IoT Spyware VPN Passwords 98

Thales Cloud Protection & Licensing

APRIL 20, 2021

Organizations suffered an unprecedented number of cyberattacks in 2020. The FBI’s Cyber Division received as many as 4,000 complaints of digital attacks a day in H1 2020, reported by The Hill. Even fewer (19%) told Proofpoint that they had updated their Wi-Fi router’s firmware.

Mobile 71

Mobile Architecture Data breaches Authentication 71

Security Affairs

APRIL 11, 2021

Clop Ransomware operators plunder US universities Malware attack on Applus blocked vehicle inspections in some US states 2,5M+ users can check whether their data were exposed in Facebook data leak 33.4%

Cyber Attacks 66

Cyber Attacks Firmware Malware Hacking 66

Security Affairs

OCTOBER 13, 2020

Here are five significant cybersecurity vulnerabilities with IoT in 2020. It can be prevented through the use of an online VPN. Even if a local network is completely secured and all IoT devices on it have firmware and software updated to the last version, a shadow IoT device can wreak havoc. The Threat is Definitely Real.

IoT 142

IoT Cybersecurity Manufacturing Internet 142

Malwarebytes

MAY 28, 2021

Two years later, the group moved to using Conti, in May 2020. Install updates/patch operating systems, software, and firmware as soon as they are released. Consider installing and using a VPN. They are perhaps one of the early groups that got into “big game” attacks—and Ryuk was designed for this very purpose.

Healthcare 124

Healthcare Ransomware Encryption Passwords 124

eSecurity Planet

MAY 19, 2022

Already a leading SD-WAN pick, the HPE subsidiary boosted its market position with acquisitions of security vendor Cape Networks in 2018 and WAN specialist Silver Peak Systems in 2020. EdgeConnect Enterprise critically comes with firewall , segmentation , and application control capabilities. Features: Aruba EdgeConnect Enterprise SD-WAN.

Firewall 121

Firewall Architecture Encryption Network Security 121

SecureList

SEPTEMBER 21, 2023

Botnet based on Medusa, working since 2020. They can be made to serve as routers (proxies or VPN servers) to anonymize illicit traffic. Paul has discovered critical vulnerabilities in the firmware and protocols of certain webcam models, and one of the vendors he contacted never even got back to him to discuss remediation.

IoT 135

IoT DDOS Passwords Malware 135

eSecurity Planet

MAY 19, 2022

Most have a handful of built-in security capabilities to offer foundational network security, including Internet Protocol Security (IPsec) virtual private networks ( VPN ), stateful firewalls , and essential threat detection and response. Not every SD-WAN solution is equal, but they all come with some level of security functionality.

Firewall 58

Firewall Architecture Software Backups 58

eSecurity Planet

MAY 2, 2024

553% increase in DNS Flood attacks from 1H 2020 to 2H 2023. However, also consider deploying specialized tools or tools with expanded capabilities, such as: Basic input output system (BIOS) security: Operates outside of the operating system to guard the firmware and other basic software connecting the operating system to a PC.

Cybersecurity 122

Cybersecurity DDOS Penetration Testing Passwords 122

SecureList

OCTOBER 26, 2021

ReconHellcat is a little-known threat actor that was spotted publicly in 2020. During 2020 and 2021, we detected a new ShadowPad loader module, dubbed ShadowShredder, used against critical infrastructure across multiple countries, including but not limited to India, China, Canada, Afghanistan and Ukraine.

Malware 145

Malware Government Surveillance Spyware 145