Security Affairs

APRIL 8, 2023

US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog. The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report.

Backups 98

Backups Spyware Ransomware Education 98

eSecurity Planet

DECEMBER 18, 2023

And WordPress sites are vulnerable to code injection through plugin Backup Migration. December 11, 2023 Sonar Finds Three Vulnerabilities in Open-Source Firewall pfSense Type of vulnerability: Cross-site scripting and command injection. If a threat actor has the Dataproc IP address, they can access it without authenticating themselves.

Backups 115

Backups Firewall Engineering Software 115

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. Threat actors are wiping NAS and backup devices. The Finish researchers pointed out that the attack cannot bypass multi-step authentication.

Ransomware 134

Ransomware Backups VPN Authentication 134

Malwarebytes

MAY 3, 2023

Following criticism, Google has decided to bring end-to-end encryption (E2EE) to its Google Authenticator cloud backups. The search giant recently introduced a feature that allows users back up two-factor authentication ( 2FA ) tokens to the cloud, but the lack of encryption caused some commentators to warn people off using it.

Authentication 98

Authentication Encryption Backups Accountability 98

CyberSecurity Insiders

DECEMBER 21, 2022

However, while few things may be certain in life, with rising global conflicts, a looming recession, and the continued use of weak and breached credentials, we can be sure that more cyberattacks will be on the horizon in 2023.

Social Engineering 134

Social Engineering Passwords Password Management Engineering 134

SecureWorld News

NOVEMBER 13, 2024

The MOVEit vulnerability (CVE-2023-34362), first exploited in May 2023, allowed unauthenticated attackers to gain unauthorized access to vulnerable systems. The MOVEit data theft and extortion attacks in May 2023 impacted a significant number of individuals and organizations globally.

Data breaches 116

Data breaches Identity Theft Education Software 116

Anton on Security

JANUARY 3, 2023

We anticipate an increase in targeting of identities that allow cross-platform authentication as actors recognise the value in compromising identities rather than endpoints. ” [A.C. — this this data point is from 2020 , so treat this as a low boundary in 2023. Now, go and read the report!

Cybersecurity 185

Cybersecurity Backups DDOS Ransomware 185

Thales Cloud Protection & Licensing

MARCH 29, 2023

World Backup Day 2023: Five Essential Cyber Hygiene Tips madhav Thu, 03/30/2023 - 05:54 World Backup Day , celebrated each year on March 31st, is a day created to promote backing up data from your devices. Using multi-factor authentication (MFA) when possible is also recommended.

Backups 71

Backups Encryption Passwords Ransomware 71

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. Threat actors are wiping NAS and backup devices. The Finish researchers pointed out that the attack cannot bypass multi-step authentication.

Ransomware 120

Ransomware Backups VPN Authentication 120

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

The regulations were most recently updated on November 1, 2023, with phased effective dates starting on December 1, 2023. Update the incident response plan to include procedures such as the internal process for responding to cybersecurity events, recovery from backups, and conducting a root cause analysis after an event.

Financial Services 62

Financial Services Cybersecurity CISO Backups 62

NetSpi Executives

DECEMBER 21, 2023

NetSPI has updated Attack Surface Management (ASM) coverage for CVE-2023-42793 and released a Breach and Attack Simulation (BAS) Playbook that allows you to quickly test if you have detection coverage for the TTPS used in a recent campaign by Russian Foreign Intelligence Service Actors also known as APT 29. Let’s talk.

Backups 114

Backups Authentication Internet Internet 114

The Last Watchdog

SEPTEMBER 25, 2023

million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association. Cloud vendors often handle the security and backup processes automatically, so examine your technology and see if that is the case.

Small Business 222

Small Business Cybersecurity Technology Accountability 222

Malwarebytes

DECEMBER 13, 2023

In November there were 457 total ransomware victims, making it the most active month for ransomware gangs in 2023 so far besides May. The top stories of the month include ALPHV’s shutdown, an increased focus on the healthcare sector, and high-profile attacks on Toyota, Boeing, and more using a Citrix Bleed vulnerability (CVE-2023-4966).

Ransomware 104

Ransomware Healthcare Encryption Backups 104

Security Affairs

MAY 9, 2024

Researchers from Juniper Threat Labs reported that threat actors are exploiting recently disclosed Ivanti Connect Secure (ICS) vulnerabilities CVE-2023-46805 and CVE-2024-21887 to drop the payload of the Mirai botnet. The flaw CVE-2023-46805 (CVSS score 8.2) The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure.

Authentication 133

Authentication Backups Cyber threats Malware 133

SecureList

JUNE 26, 2023

In this report, we have analyzed the key threats to small and medium-sized companies in 2022 and 2023, and provided advice on how to stay safe. Malware attacks Between January 1 and May 18, 2023, 2,392 SMB employees encountered malware or unwanted software disguised as business applications, with 2,478 unique files distributed this way.

Cybercrime 123

Cybercrime Phishing Banking Malware 123

Security Affairs

NOVEMBER 13, 2023

The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it if Boeing does not contact them within the initial deadline (02 Nov, 2023 13:25:39 UTC, later postponed to 10 Nov, 2023). The attack targeted elements of the parts and distribution business run by its global services division.

Ransomware 134

Ransomware Authentication Backups Manufacturing 134

Security Affairs

JANUARY 11, 2023

Microsoft Patch Tuesday security updates for January 2023 fixed 97 flaws and an actively exploited zero-day. One of the flaws addressed this month, tracked as CVE-2023-21674 (CVSS score 8.8), is listed as being in the wild at the time of release. Another issue fixed by Microsoft is the CVE-2023-21549 (CVSS Score 8.8)

Internet 98

Internet Internet Backups Hacking 98

Malwarebytes

JUNE 9, 2023

Known ransomware attacks by gang, May 2023 This isn't the first time this year a gang has overhauled LockBit and climbed to the top spot on our monthly charts. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. A new norm? Don’t get attacked twice.

Ransomware 95

Ransomware Education Encryption Software 95

Fox IT

FEBRUARY 22, 2023

During a recent incident response case, we found traces of an adversary leveraging ConnectWise R1Soft Server Backup Manager software (hereinafter: R1Soft server software). The adversary used it as an initial point of access and as a platform to control downstream systems connected via the R1Soft Backup Agent.

Backups 69

Backups Software Authentication Internet 69

Malwarebytes

NOVEMBER 24, 2023

Known ransomware attacks by ransomware group, October 2023 Mandiant states it is currently tracking four distinct uncategorized groups involved in exploiting this vulnerability. The CVE for the vulnerability known as Citrix Bleed is CVE-2023-4966 ( CVSS score 9.4 Create offsite, offline backups. out of 10).

Government 128

Government Ransomware Backups Software 128

Webroot

OCTOBER 31, 2024

Source: Coveware We’ve seen a drop-off from the highs last year – fueled by Cl0p ransomware group making over $100 Million in a few months in late 2023. Akira: The Healthcare Menace The Akira ransomware group was first observed in March 2023 and immediately became one of the most formidable threats in the threat landscape.

Malware 108

Malware Ransomware Passwords Healthcare 108

WIRED Threat Level

DECEMBER 7, 2022

The company will also soon support the use of physical authentication keys with Apple ID, and is adding contact verification for iMessage in 2023.

Backups 72

Backups Encryption Authentication Hacking 72

CyberSecurity Insiders

MAY 13, 2023

Organizations must prioritize email security measures that block malicious attachments, educate employees about ransomware threats, and establish robust data backup and recovery processes. Email is a primary delivery method for ransomware attacks, with attackers using malicious attachments or links to infect systems.

Phishing 111

Phishing Encryption Education Small Business 111

Security Affairs

MARCH 13, 2025

Notably, they target CVE-2024-1709 (ScreenConnect authentication bypass) and CVE-2023-48788 (Fortinet EMS SQL injection) to infiltrate systems. Encryption is executed using gaze.exe , which disables security tools, deletes backups, and encrypts files with AES-256 before dropping a ransom note.

Ransomware 68

Ransomware Encryption Cryptocurrency Insurance 68

Security Affairs

MAY 12, 2024

In December 2023, Elliptic and Corvus Insurance published a joint research that revealed the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. It has been used to attack more than 329 organizations globally and has grown to become the fourth-most active strain of ransomware by number of victims in 2022-2023.”

Ransomware 142

Ransomware Hacking Healthcare Retail 142

IT Security Guru

MAY 20, 2024

In 2023, an astonishing 50 per cent of companies in the UK reported experiencing some form of cybersecurity breach or attack. Implement Multi-Factor Authentication Multi-factor authentication (MFA) requires multiple verification methods to access an account online, significantly enhancing protection.

Cybersecurity 132

Cybersecurity Backups Cyber threats Mobile 132

Security Affairs

APRIL 28, 2024

“Luckily, I was able to get access to the latest version of SANnav in May 2023 (the latest version was 2.2.2 “Luckily, I was able to get access to the latest version of SANnav in May 2023 (the latest version was 2.2.2 version was sent to Brocade PSIRT in May 2023 and they finally aknowledged the vulnerabilities.

Firewall 122

Firewall Authentication Backups Architecture 122

Malwarebytes

DECEMBER 8, 2022

iMessage Contact Key Verification and Security Keys for Apple ID will be available globally in 2023. The feature will start rolling out to the rest of the world in early 2023. For users who opt in, Security Keys strengthen Apple’s two-factor authentication by requiring a hardware security key as one of the two factors.

Backups 98

Backups Encryption Authentication Data breaches 98

Security Boulevard

JANUARY 3, 2023

We anticipate an increase in targeting of identities that allow cross-platform authentication as actors recognise the value in compromising identities rather than endpoints. ” [A.C. — this this data point is from 2020 , so treat this as a low boundary in 2023. Monitor for events on backups and create alerts for these”.

Cybersecurity 98

Cybersecurity Backups DDOS Ransomware 98

eSecurity Planet

APRIL 12, 2024

Employ Authentication Methods for All Users & Devices A zero trust approach rejects any sort of inherent trust and requires continual verification of all users and devices. Implement stringent access rules, multi-factor authentication, and continuous monitoring to authenticate all access attempts, regardless of prior trust status.

Backups 134

Backups Encryption Data breaches Risk 134

Security Affairs

JANUARY 24, 2024

Threat actors are wiping NAS and backup devices. Akira ransomware infections were first reported in Finland in June 2023, however, in December the number of attacks increased. The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices.

Ransomware 136

Ransomware VPN Government Retail 136

CyberSecurity Insiders

MAY 6, 2021

To those who go for more premium plans, a site backup plan of up to 200GB keeps the data continuity intact at the time of disasters. If possible, turn on 2-factor authentication for important online services. About World Password Day- Every year, the first Thursday in May is being promoted as the World Password Day.

Passwords 128

Passwords Firewall DDOS Malware 128

Malwarebytes

OCTOBER 11, 2023

It was attacked on September 22, 2023. According to a recent post on its Facebook account, all of the corporation's public-facing applications have been back online since October 6, 2023, including "the website, Member Portal, eClaims for electronic submission of hospital claims, and EPRS for employer remittances."

Antivirus 120

Antivirus Insurance Ransomware Healthcare 120

Security Affairs

NOVEMBER 20, 2023

“On October 19 th , 2023, Brookfield Global Relocation Services (BGRS) informed the Government of Canada of a breach involving Government of Canada information held by BGRS and SIRVA Canada systems.” We have over 1.5TB of documents leaked + 3 full backups of CRM for branches (eu, na and au) Sirva Worldwide, Inc.

Data breaches 136

Data breaches Government Hacking Backups 136

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 68

Spyware Firewall Artificial Intelligence Malware 68

eSecurity Planet

JULY 15, 2024

However, exploitation requires authentication and specific configurations. Avoid unauthorized access by employing stronger authentication methods for your systems via access management tools. To protect RADIUS traffic, use TLS or IPSec rather than susceptible authentication methods such as PAP, CHAP, or MS-CHAPv2.

Authentication 110

Authentication Backups Software Risk 110

Security Affairs

FEBRUARY 28, 2023

This flaw impacts multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager. CISA orders federal agencies to fix this flaw by March 20, 2023. The adversary used it as an initial point of access and as a platform to control downstream systems connected via the R1Soft Backup Agent. and 8.6.4.1.

Backups 98

Backups Software Authentication Hacking 98