Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? Colonial Pipeline ( May 2021 ) – The Colonial Pipeline facility in Pelham, Alabama, was hit by a cybersecurity attack in May and its operators were forced to shut down its systems.

Cyber Attacks 140

Cyber Attacks Ransomware Hacking Insurance 140

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption 145

Encryption Malware Ransomware Firewall 145

Krebs on Security

MARCH 4, 2021

At the top of a 35-page PDF leaked online is a private encryption key allegedly used by Maza administrators. This is notable because ICQ numbers tied to specific accounts often are a reliable data point that security researchers can use to connect multiple accounts to the same user across many forums and different nicknames over time.

Cybercrime 364

Cybercrime Hacking Passwords Accountability 364

Security Affairs

JULY 20, 2021

Experts warn of a 16-year-old vulnerability (CVE-2021-3438) in an HP, Xerox, and Samsung printers driver that an attacker could exploit to gain admin rights on systems. The vulnerability, tracked as CVE-2021-3438 , is a buffer overflow that resides in the SSPORT.SYS driver which is used by some printer models. Pierluigi Paganini.

Encryption 130

Encryption Accountability Software Hacking 130

Krebs on Security

FEBRUARY 14, 2022

Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. Wazawaka, a.k.a. .”

Ransomware 244

Ransomware VPN Cybercrime Accountability 244

Troy Hunt

JULY 21, 2021

Let's start with a poll: At your place of work, does your employer have the right to access the contents of your corporate email account if necessary? — Troy Hunt (@troyhunt) July 19, 2021 The result of the poll is crystal clear but what's much less clear is the answers to the other questions above. Have an affair."

Accountability 363

Accountability Data breaches Government InfoSec 363

SecureList

MAY 3, 2021

In Q1 2021, new banking scams appeared alongside ones that are more traditional. In Q1 2021, scammers imitating bank emails began to focus on compensation. The link redirected them to a phishing page requesting their Microsoft account credentials. The link also required entering corporate account credentials.

Phishing 137

Phishing Banking Accountability Computers and Electronics 137

eSecurity Planet

JULY 23, 2021

Your business can use LastPass to maintain unique passwords for each employee’s online accounts—a critical practice for modern cybersecurity health. Also read: Dashlane vs LastPass: Compare Top Password Managers for 2021. Reports of less severe vulnerabilities surfaced in 2016, 2017, 2019, and 2021.

Password Management 133

Password Management Passwords Authentication Architecture 133

Krebs on Security

FEBRUARY 16, 2022

9, 2021, using an unpatched critical vulnerability (CVE-2021-40539). This in turn allowed them to access the data, despite this data being encrypted.” Sheriff says they will only accept offers that are guaranteed through the forum’s escrow account. ” Update, 2:00 p.m., and other western audiences.

Hacking 298

Hacking Ransomware Media Accountability 298

SecureList

AUGUST 5, 2021

In Q2 2021, corporate accounts continued to be one of the most tempting targets for cybercriminals. A fake notification about a Microsoft Teams meeting or a request to view an important document traditionally takes the victim to a phishing login page asking for corporate account credentials. Quarterly highlights. 10.10.2021.pdf.exe”

Phishing 135

Phishing Banking Scams Computers and Electronics 135

Krebs on Security

JANUARY 19, 2022

If you created an online account to manage your tax records with the U.S. account and share the experience here. account). We take a defense-in-depth approach, with partitioned networks, and use very sophisticated encryption scheme so that when and if there is a breach, this stuff is firewalled,” Hall said.

Mobile 364

Mobile Accountability Insurance Government 364

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. SQL Injection Most high-risk vulnerabilities in 2021–2023 were associated with SQL Injection. More than a third (39%) used the microservice architecture.

Passwords 140

Passwords Authentication Architecture Risk 140

Krebs on Security

OCTOBER 2, 2023

At issue is the Zoom Personal Meeting ID (PMI), which is a permanent identification number linked to your Zoom account and serves as your personal meeting room available around the clock. The PMI portion forms part of each new meeting URL created by that account, such as: zoom.us/j/5551112222

Engineering 312

Engineering Encryption Social Engineering Healthcare 312

SecureList

AUGUST 12, 2021

Communication with the server can take place either over raw TCP sockets encrypted with RC4, or via HTTPS. While analyzing the CVE-2021-1732 exploit, first discovered by DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we found another zero-day exploit that we believe is linked to the same threat actor.

Ransomware 145

Ransomware Malware Banking Encryption 145

SecureList

MAY 10, 2021

Q1 2021 saw the appearance of two new botnets. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. In Q1 2021, cybercriminals also found a host of new tools for amplifying DDoS attacks. News overview.

DDOS 141

DDOS Cryptocurrency Media Marketing 141

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. Botmasters and account resellers are tasked with providing initial access inside the victim’s network.

Ransomware 145

Ransomware Encryption Malware Cybercrime 145

SecureList

JULY 28, 2021

In terms of big news, Q2 2021 was relatively calm, but not completely eventless. Q2 2021 was no exception: in early July researchers at Netscout reported an increase in attacks using the Session Traversal Utilities for NAT (STUN) protocol. As expected, Q2 2021 was calm. DDoS attack duration, Q1 and Q2 2021, and Q2 2020.

DDOS 144

DDOS DNS IoT Marketing 144

SecureList

NOVEMBER 8, 2021

Q3 2021 brought two new DDoS attack vectors, potentially posing a serious threat, including for major web resources. — Infosecurity Magazine (@InfosecurityMag) July 26, 2021. In Q3 2021, the European servers of Final Fantasy XIV were hit. Comparative number of DDoS attacks, Q2 and Q3 2021, and Q3 2020. ris botnet.

DDOS 144

DDOS Marketing Cryptocurrency IoT 144

SecureList

MAY 31, 2021

On March 2, Microsoft released out-of-band patches for four zero-day vulnerabilities in Exchange Server that are being actively exploited in the wild (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065). Ransomware encrypting virtual hard disks. The vulnerabilities are being exploited by RansomExx.

Malware 139

Malware Adware Encryption Architecture 139

SecureList

NOVEMBER 26, 2021

IT threat evolution Q3 2021. IT threat evolution in Q3 2021. IT threat evolution in Q3 2021. While tracking this threat actor in spring 2021, we discovered a newer version. Targeted attacks exploiting CVE-2021-40444. PC statistics. Mobile statistics. Targeted attacks. WildPressure targets macOS.

Malware 134

Malware Banking Energy and Utilities Accountability 134

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. Ireland’s Health Service Executive (HSE), which operates the country’s public health system, got hit with Conti ransomware on May 14, 2021.

Healthcare 328

Healthcare Ransomware Antivirus Hacking 328

eSecurity Planet

JULY 30, 2021

Web content filtering and VPN aren’t offered, and for encryption it merely reports on the status of Windows BitLocker, but none of those features are widely offered enough to be considered a standard EDR feature. Cons: Missing features: full-disk encryption, VPN, mobile support, web content filtering. SentinelOne Ratings.

Encryption 138

Encryption Marketing VPN Software 138

Krebs on Security

MARCH 1, 2022

27, a new Twitter account “ Contileaks ” posted links to an archive of chat messages taken from Conti’s private communications infrastructure, dating from January 29, 2021 to the present day. The Contileaks account did not respond to requests for comment. On Sunday, Feb. ” GAP #1. .

Ransomware 304

Ransomware Healthcare Cybercrime Government 304

eSecurity Planet

NOVEMBER 19, 2021

The Forrester Wave for ICS Security Solutions released earlier this month for Q4 2021 placed Cisco atop the ICS/OT security industry. Read more: Top Application Security Vendors for 2021. TLS, encryption, Auth0) Are there embedded or built-in IoT security requirements to address exposure? Cisco Features. What Are IoT Devices?

IoT 140

IoT Risk Firewall Software 140

SecureList

OCTOBER 20, 2021

We investigated 200 cases for clients in Russia in 2020, and already over 300 in the first nine months of 2021. In 2021, browsers are much safer, with some of them updating automatically, without any user participation, while browser developers continually invest in vulnerabilities assessment.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

SecureList

JUNE 17, 2021

Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065). March 2021. CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065.

Ransomware 144

Ransomware Encryption VPN System Administration 144

eSecurity Planet

NOVEMBER 18, 2021

A recent HP Wolf Security report found that email now accounts for 89% of all malware. Lets organizations encrypt messages and leverage the cloud to spool email if mail servers become unavailable. Proofpoint stops attacks such as credential phishing, BEC, email account compromise (EAC), and multi-stage malware.

Phishing 125

Phishing Malware Engineering Ransomware 125

eSecurity Planet

AUGUST 2, 2022

The Atlas VPN report said the number of new Linux malware samples collected soared by 646% from the first half of 2021 to the first half of 2022, from 226,334 samples to nearly 1.7 Windows still leads overall due to its commanding market share, accounting for 41.4 million malware samples in the first half of 2022.

Malware 141

Malware VPN Encryption Marketing 141

Krebs on Security

JANUARY 6, 2022

“The key to the wallet is encrypted and stored securely in the cloud. ” NortonLifeLock began offering the mining service in July 2021, but the program gained broader attention on Jan. . “Norton creates a secure digital Ethereum wallet for each user,” the FAQ reads. Only you have access to the wallet.”

Cryptocurrency 352

Cryptocurrency Computers and Electronics Antivirus Identity Theft 352

Krebs on Security

SEPTEMBER 30, 2023

The government says Snatch used a customized ransomware variant notable for rebooting Microsoft Windows devices into Safe Mode — enabling the ransomware to circumvent detection by antivirus or endpoint protection — and then encrypting files when few services are running. ru account and posted as him.

Ransomware 277

Ransomware Accountability Cybercrime Backups 277

Cisco Security

NOVEMBER 29, 2021

It was so amazing to return to London for the Black Hat Europe 2021 Network Operations Center (NOC). Again, wiping 70 devices ( Black Hat USA 2021 had 300 devices!) WiFi settings were also installed remotely, as well as restrictions and other settings, then the devices were shipped to England. The other half is Clarity for iOS.

DNS 145

DNS Malware Mobile Firewall 145

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. banks are stiffing account takeover victims. A single bitcoin is trading at around $45,000. ” SEPTEMBER.

Cryptocurrency 292

Cryptocurrency Cybercrime Computers and Electronics Scams 292

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Using hard-to-crack unique passwords to protect sensitive data and accounts, as well as enabling multi-factor authentication. Encrypting sensitive data wherever possible.

Healthcare 325

Healthcare Backups Ransomware Insurance 325

The Last Watchdog

AUGUST 18, 2021

There are simple steps consumers can take today, for free, to lower their overall risk of a cyber attack, including using multi-factor authentication for their accounts and using strong passwords. Pulitzer Prize-winning business journalist Byron V.

Antivirus 223

Antivirus Marketing Identity Theft Social Engineering 223

Security Affairs

MAY 27, 2021

As of at least May 2021, an APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a U.S. The feds uncovered the attack in May 2021, government experts reported that the threat actors likely created an account with the username “elie” to gain persistence on the network.

VPN 135

VPN Government Hacking Accountability 135

Security Affairs

JULY 8, 2022

The security firm states that the AstraLocker decryptor works for ransomware versions based on the Babuk malware that appends the.Astra or.babyk extensions to the name of the encrypted files. “Be sure to quarantine the malware from your system first, or it may repeatedly lock your system or encrypt files. a-z0-9]{4} extension.

Ransomware 138

Ransomware Encryption Malware Accountability 138

SecureList

OCTOBER 7, 2021

This roundup spotlights the ransomware Trojan families that most actively attacked businesses in the CIS in H1 2021, and their technical characteristics. Number of business users in the CIS who encountered ransomware, January–July 2021 ( download ). Encrypted files and a note from the attackers. Introduction. Statistics.

Ransomware 144

Ransomware Encryption Passwords Malware 144