SecureList

MAY 10, 2021

Q1 2021 saw the appearance of two new botnets. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. In Q1 2021, cybercriminals also found a host of new tools for amplifying DDoS attacks. News overview.

DDOS 140

DDOS Cryptocurrency Media Marketing 140

eSecurity Planet

APRIL 28, 2022

cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. The advisory entails the top 15 Common Vulnerabilities and Exposures (CVEs) that were routinely exploited by malicious cyber actors in 2021, plus another 21 frequently exploited CVEs.

Cybersecurity 116

Cybersecurity Software Firmware Internet 116

Security Affairs

JULY 18, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”. The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. reads the alert published by the company.

Ransomware 137

Ransomware Firmware Mobile InfoSec 137

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware 143

Firmware Surveillance Marketing VPN 143

eSecurity Planet

MAY 28, 2021

We look at three RSAC 2021 sessions and some of the most daunting vulnerabilities presented by the SANS Institute, Cybersecurity and Infrastructure Security Agency (CISA), and Varonis Systems. Also Read: And the Winner of the 2021 RSA Innovation Contest is… SANS: Five dangerous new attack techniques and vulnerabilities.

Software 121

Software DNS Firmware VPN 121

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 128

VPN Firewall Firmware Authentication 128

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 The password for this account can be found in cleartext in the firmware.” reads the advisory published by NIST.

Firmware 124

Firmware Passwords Accountability VPN 124

Krebs on Security

JULY 25, 2023

In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021. com, sscompany[.]net,

Malware 237

Malware VPN Internet Internet 237

Malwarebytes

AUGUST 23, 2022

In September 2021 we told you about insecure Hikvision security cameras that were ready to be taken over remotely. The flaw is tracked as CVE-2021-36260 and was addressed by Hikvision via a firmware update in September 2021. One possible exploit of this vulnerability was published by packet storm in October 2021.

Firmware 96

Firmware Internet Internet VPN 96

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A ” The above issue is tracked as CVE-2021-40859 and received a CVSS score of 9.8. An attacker can escalate these privileges to “sub-admin” ( CVE-2021-40857 ) to configure the PBX. “Firmware Update 8.2B

Firmware 112

Firmware Manufacturing Passwords Penetration Testing 112

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 98

Firewall VPN Firmware Internet 98

eSecurity Planet

OCTOBER 1, 2021

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. What might be most striking about the document is how many security steps and solutions it takes to properly secure VPN connections.

VPN 111

VPN Authentication Passwords Software 111

Krebs on Security

MAY 22, 2023

Very often, this proxy software is installed surreptitiously, such as through a “Free VPN” service or mobile app. Residential proxies also can refer to households protected by compromised home routers running factory-default credentials or outdated firmware. billion last year.

Scams 307

Scams DDOS Cryptocurrency Accountability 307

Thales Cloud Protection & Licensing

APRIL 20, 2021

Organizations Need a New NetSec Approach, Reveals Verizon’s 2021 Mobile Security Index. Tue, 04/20/2021 - 11:33. In the MSI 2021, more than half of respondents told Verizon that their organizations allowed employees to access corporate IT assets over public Wi-Fi. Verizon’s MSI 2021, page 72. Verizon’s MSI 2021, page 73.

Mobile 71

Mobile Architecture Data breaches Authentication 71

Security Affairs

DECEMBER 22, 2022

The most recent variant spotted by Microsoft spreads by exploiting vulnerabilities in Apache and Apache Spark ( CVE-2021-42013 and CVE-2022-33891 respectively) and also supports new DDoS attack capabilities. Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches.

IoT 125

IoT DDOS Malware Firmware 125

Security Affairs

MARCH 23, 2021

“GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).”

Firmware 102

Firmware VPN Firewall Risk 102

Security Affairs

SEPTEMBER 3, 2021

.” The PIN provides a series of examples of ransomware attacks impacting food and agriculture sector businesses, such as an attack that took place in January 2021 against an identified US farm that resulted in losses of approximately $9 million due to the disruption of the farming operations. Consider installing and using a VPN.

Ransomware 118

Ransomware Passwords Backups Firmware 118

eSecurity Planet

MARCH 21, 2022

By using a misconfigured Cisco Duo MFA implementation to force enrollment of a new device, the hackers were then able to use the “PrintNightmare” Windows Print Spooler vulnerability ( CVE-2021-34527 and CVE-2021-36958 ) to obtain administrator privileges. Inactive Accounts and Default Configurations. Network Best Practices.

VPN 119

VPN Accountability Authentication Passwords 119

Security Affairs

JUNE 27, 2022

The timeline of the issues is: On September 15, 2021 ?Started Started research on ABB AC series PLC & CODESYS V2 runtime On September 29, 2021, 3 vulnerabilities about CODESYS V2 runtime were submitted to codesys On October 25, 2021, codesys published a security advisory and a latest version of CODESYS V2 runtime 2.4.7.56

Software 108

Software Manufacturing Firmware Risk 108

Webroot

OCTOBER 31, 2024

This payment would be nearly double the previous record of $40 million paid by CNA Financial in 2021.The The attack began with the exploitation of unpatched FortiOS vulnerabilities in the company’s VPN infrastructure, allowing initial access to the network.

Malware 108

Malware Ransomware Passwords Healthcare 108

Security Boulevard

MARCH 15, 2022

The LHR was created to limit Ethereum mining capabilities in the NVidia RTX 30 series graphics cards, after the cryptomining community depleted the stock in early 2021. The ransomware group specified that “they are not looking for data” but rather to buy remote VPN access to the corporate network. But first things first.

Ransomware 128

Ransomware Telecommunications Firmware Media 128

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware 118

Ransomware DDOS Passwords Backups 118

Malwarebytes

MARCH 17, 2021

link] pic.twitter.com/NOPAcEFxM8 — FBI Buffalo (@FBIBuffalo) March 16, 2021. To prevent attacks: Install security updates for operating systems, software, and firmware as soon as they are released. Consider installing and using a VPN. Use multi-factor authentication wherever possible. Disable hyperlinks in received emails.

Education 111

Education Ransomware Phishing Passwords 111

Malwarebytes

MARCH 10, 2022

Observed since: July 2021 Ransomware note: BlackByteRestore.txt Ransomware extension: BlackByte Kill Chain: Some victims reported that attackers used known Microsoft Exchange Server vulnerabilities to gain access to their networks. > Observed since: January 2021 Ransomware note: BackFiles_encoded01.txt LockBit 2.0.

Ransomware 89

Ransomware Phishing Accountability Technology 89

Security Affairs

MARCH 16, 2022

The nation-state actors gained access to the network by exploiting default MFA protocols and the Windows Print Spooler vulnerability, “PrintNightmare” ( CVE-2021-34527 ), reads the advisory. Update software, including operating systems, applications, and firmware on IT network assets in a timely manner. ” continues the analysis.

Accountability 98

Accountability Passwords Authentication Firmware 98

Security Affairs

APRIL 2, 2021

In March 2021, government experts observed state sponsored hackers scanning the internet for servers vulnerable to the above flaws, the attackers were probing systems on ports 4443, 8443, and 10443. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. •

Government 103

Government Passwords Accountability Firmware 103

Security Affairs

APRIL 11, 2021

Clop Ransomware operators plunder US universities Malware attack on Applus blocked vehicle inspections in some US states 2,5M+ users can check whether their data were exposed in Facebook data leak 33.4%

Cyber Attacks 64

Cyber Attacks Firmware Malware Hacking 64

IT Security Guru

MAY 10, 2021

This past years’ bout of VPN related breaches is a great example, especially as patches were available over a year ago. And the latest February 2021 edition of Patch Tuesday sought to address 56 security holes in its Windows operating systems and other software. Growing threat.

VPN 84

VPN Software InfoSec Firmware 84

The Last Watchdog

JUNE 4, 2019

DataTribe and AllegisCyber Capital have been on the ground floor of bringing the CyberPort vision to life and will be among the anchor tenants (with another 40-plus cyber companies) when the new campus is ready for occupancy in early 2021. million unfilled cybersecurity positions globally by 2021 – up from 1 million in 2014.

Cybersecurity 193

Cybersecurity Computers and Electronics Technology Marketing 193

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking 115

Banking Malware Computers and Electronics Mobile 115

Kali Linux

NOVEMBER 27, 2022

To enable wireless support, we need to find: The kernel Wi-Fi modules that need to be in the initramfs (Depends on hardware) The Wi-Fi firmware files that need to be in the initramfs (Depends on hardware) The Wireless interface name (Kali defaults to: wlan0 ) Additional packages to increase functionally. bin firmware: brcm/brcmfmac*-sdio.*.txt

Firmware 52

Firmware Wireless Passwords VPN 52

Malwarebytes

MAY 28, 2021

According to Coveware, a company that offers incident response services to organizations impacted by ransomware attacks, Conti is the second most common ransomware family that victim organizations have reported in the first quarter of 2021. Install updates/patch operating systems, software, and firmware as soon as they are released.

Healthcare 129

Healthcare Ransomware Encryption Passwords 129

eSecurity Planet

MAY 20, 2024

It’s also possible that your VPN app will automatically disable the VPN once your device connects to a supposedly trusted Wi-Fi network, according to the researchers at Top10VPN. Use always-active VPN connections and never reuse the same credentials for an SSID.

VPN 64

VPN Firmware Malware Software 64

SecureList

DECEMBER 14, 2022

It directly affected satellite modems firmwares , but was still to be understood as of mid-March. The latter confirmed that a threat actor got in through a remote-management network exploiting a poorly configured VPN, and ultimately delivered destructive payloads, affecting tens of thousands of KA-SAT modems.

DDOS 145

DDOS Ransomware Government Energy and Utilities 145

Kali Linux

DECEMBER 8, 2021

With the end of 2021 just around the corner, we are pushing out the last release of the year with Kali Linux 2021.4 , which is ready for immediate download or updating. Raspberry Pi images now include versioned Nexmon firmware. 1kali1 (2021-11-05) ┌──(kali㉿kali)-[~] └─$ uname -r 5.14.0-kali4-amd64 " VERSION_ID="2021.4"

Social Engineering 52

Social Engineering VPN Architecture Engineering 52

SecureList

OCTOBER 26, 2021

This is our latest installment, focusing on activities that we observed during Q3 2021. This activity seems to have continued and stretched into 2021, when we spotted a set of recent attacks using the same techniques and malware to gain a foothold in diplomatic organizations based in Central Asia. It was fixed as CVE-2021-26605.

Malware 145

Malware Government Surveillance Spyware 145

Security Affairs

FEBRUARY 23, 2020

for cyber 2021 budget for the Department of Defense. Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks. Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack. Organizers of major hacking conferences in Asia put them on hold due to Coronavirus outbreak.

Artificial Intelligence 98

Artificial Intelligence eCommerce Hacking Advertising 98