Authentication, Backups and Firmware - Cyber Security Informer

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

To mitigate the risk of Medusa ransomware attacks, CISA and the FBI recommend the following measures: Update systems regularly: Ensure operating systems, software, and firmware are patched and up to date to close known vulnerabilities.

Ransomware

Ransomware Backups Firmware Insurance

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

DECEMBER 17, 2020

Early this month, Evgueni Erchov, Director of IR & Cyber Threat Intelligence at Arete Incident Response, told ZDNet that multiple ransomware gangs are cold-calling victims if they don’t pay the ransom and attempt to restore from backups. Patch operating systems, software, firmware, and endpoints. Pierluigi Paganini.

Ransomware

Ransomware Backups Firmware Accountability

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

“The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. The company also recommends updating the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps to the latest versions.

Ransomware

Ransomware Backups Media Malware

CISA and FBI issue alert about Zeppelin ransomware

Malwarebytes

AUGUST 16, 2022

But you should also realize that while it’s easy to say that you need reliable and easy to deploy backups for example, it’s not always easy to follow that advice. Maintain offline backups of data, and regularly maintain backup and restoration. Ensure all backup data is encrypted, immutable (i.e.,

Ransomware

Ransomware Backups Passwords Authentication

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Security Affairs

MARCH 9, 2022

Uninterruptible power supply (UPS) devices provide emergency backup power for mission-critical systems. Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices.

Firmware

Firmware IoT Authentication Backups

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use double authentication when logging into accounts or services.

Ransomware

Ransomware Firmware Antivirus Accountability

Best Disaster Recovery Solutions for 2022

eSecurity Planet

JULY 8, 2022

“With a cyberattack, it’s more than just data that needs protecting—at risk is really the entire physical infrastructure from applications and operating systems down to low-level firmware and BIOS. This type of backup and DR technology offers RPOs measured in hours. See the Best Backup Solutions for Ransomware Protection.

Backups

Backups Ransomware Technology Marketing

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

Hot for Security

MARCH 17, 2021

“The cyber actors then exfiltrate files from the victim’s network, sometimes using the free opensource tool WinSCP5, and proceed to encrypt all connected Windows and/or Linux devices and data, rendering critical files, databases, virtual machines, backups, and applications inaccessible to users,” according to the advisory. and others.

Education

Education Healthcare Government Ransomware

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Security Affairs

OCTOBER 3, 2018

The list of vulnerable devices includes eight LenovoEMC NAS (PX) models, nine Iomega StoreCenter (PX and IX) models and the Lenovo branded devices; ix4-300d, ix2 and EZ Media and Backup Center. Lenovo confirmed that firmware versions 4.1.402.34662 and earlier are vulnerable, users have to download firmware version 4.1.404.34716 (or later).

Hacking

Hacking Firmware Advertising Backups

Threat profile: Ranzy Locker ransomware

Malwarebytes

OCTOBER 28, 2021

Find and delete shadow volume copies, and other recent backups, and disable the Windows recovery environment. Store regular backups of your data off-site and offline, where attackers can’t reach them. Install security updates for software, operating systems, and firmware as soon as they are released. Mitigation.

Ransomware

Ransomware Backups Encryption Accountability

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

The good news is in the latter attack the victims restored its backups. The FBI provided the following mitigations to protect against ransomware attacks: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Passwords Backups Firmware

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 16, 2024

Patch it now!

Data breaches

Data breaches Hacking Ransomware Malware

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

eSecurity Planet

SEPTEMBER 9, 2024

These vulnerabilities represent significant dangers for end users and organizations — from the remote code execution vulnerabilities in Veeam Backup & Replication and Apache OFBiz to the severe access control issues in SonicWall and Google Android. The fix: Prevent these attacks by rapidly upgrading and patching all impacted software.

Firmware

Firmware Backups Firewall Risk

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

Implement network segmentation and maintain offline backups of data to ensure limited interruption to the organization. Regularly back up data, password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. hard drive, storage device, the cloud).

Ransomware

Ransomware DDOS Passwords Backups

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. ” concludes the CISA advisory.

Backups

Backups Authentication Advertising Firmware

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. At the time of publishing this article, the Maze ransomware operators have released three screenshots as proof of the data breach.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

Warning issued about Vice Society ransomware targeting the education sector

Malwarebytes

SEPTEMBER 7, 2022

But you should also realize that while it’s easy to say that you need reliable and easy to deploy backups, for example, it’s not always easy to follow that advice. Maintain offline backups of data, and regularly maintain backup and restoration. Ensure all backup data is encrypted, immutable (i.e.,

Education

Education Ransomware Backups Passwords

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

Regularly back up data, air gap, and password-protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible. Review Task Scheduler for unrecognized scheduled tasks. hard drive, storage device, the cloud).

Ransomware

Ransomware Antivirus Passwords Malware

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. Maintain known-good offline backups for faster recovery upon a disruptive attack, and conduct hashing and integrity checks on firmware and controller configuration files to ensure validity of those backups.

Passwords

Passwords Backups Architecture Cyber Attacks

FBI issues advisory over Play ransomware

Malwarebytes

DECEMBER 19, 2023

Screenshot of the PLAY leak site The joint CSA emphasizes the importance of having an actionable recovery plan, using multi-factor authentication (MFA) , and keeping all operating systems, software, and firmware up to date. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers.

Ransomware

Ransomware Backups Encryption Firmware

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Regularly update router firmware to patch vulnerabilities and close potential avenues of attack. Implement Multi-factor Authentication (MFA) Adding Multi-factor authentication ( MFA ) goes beyond passwords, using additional verification measures like a text message or authenticator app to safeguard your accounts.

Malware

Malware Antivirus Software Passwords

North Korean APT targets US healthcare sector with Maui ransomware

Malwarebytes

JULY 10, 2022

Thankfully, although Maui may be a little different from run-of-the-mill ransomware, the steps to protect against it are not: Maintain off-site, offline backups of data and test them regularly. Keep operating systems, applications, and firmware up to date. Require multi-factor authentication (MFA) for as many services as possible.

Healthcare

Healthcare Ransomware Encryption Firmware

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The alert provides a list of mitigations to stay protected from ransomware families: Recommended Mitigations • Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. • Use multifactor authentication where possible.

Ransomware

Ransomware Encryption Passwords Malware

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

eSecurity Planet

MARCH 21, 2022

Using misconfigured multi-factor authentication (MFA) and an unpatched Windows vulnerability, Russian state-sponsored hackers were able to breach a non-governmental organization (NGO) and escalate privileges, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI revealed last week. Implement network segmentation.

VPN

VPN Accountability Authentication Passwords

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

SecureWorld News

OCTOBER 8, 2023

Use the 3-2-1 backup rule. Additionally, be cautious when adding new friends; verify their authenticity through known offline connections. Use the administrator account only for maintenance, software installation, or firmware updates. Attention should be paid to protecting routers and updating their firmware.

Firmware

Firmware IoT Accountability Passwords

Ransomware: March 2022 review

Malwarebytes

APRIL 11, 2022

Implement regular backups of all data to be stored as air-gapped, password-protected copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use double authentication when logging into accounts or services. Ransomware Attacks by Gang. Ransomware Attacks by Country.

Ransomware

Ransomware Accountability Technology Firmware

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

The Last Watchdog

APRIL 28, 2020

Make sure you do everything possible to secure your mobile devices and that both the firmware and software are routinely updated. Backup your data frequently on hard drives that aren’t connected 24/7 to the internet. Always remember. Never trust. Always question. Always verify.”

Social Engineering

Social Engineering Cyber Attacks Scams Engineering

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Security Affairs

FEBRUARY 14, 2022

The advisory also provides mitigations: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use double authentication when logging into accounts or services.

Ransomware

Ransomware Accountability Firmware Encryption

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The FBI also encourages organizations to report any interactions with Zeppelin operators, including logs, Bitcoin wallet information, encrypted file samples, and decryptor files.

Ransomware

Ransomware Encryption Firmware Backups

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

The agencies offered some sound cybersecurity advice for BlackByte that applies pretty generally: Conduct regular backups and store them as air-gapped, password-protected copies offline. Update and patch operating systems, software, and firmware as soon as updates and patches are released. 7 SP1, 8, 8.1)

Ransomware

Ransomware Encryption Backups Accountability

Ransomware’s Number 1 Target? Your Kid’s School

SecureWorld News

DECEMBER 18, 2020

Here are some recommendations for best network practices: "Patch operating systems, software, and firmware as soon as manufacturers release updates. Use multi-factor authentication where possible. Without proper planning and preparation, schools may be unable to continue classes and administrative operations.

Ransomware

Ransomware Education Backups Malware

How (and Why) to Take Full Advantage of Apple’s New Advanced Data Protection Feature

Security Boulevard

DECEMBER 27, 2022

Apple has long been criticized, with good reason, over its iCloud service not providing E2EE (where the user has the decryption keys); for years, when enabled, for a good chunk of data iPhone syncs to iCloud, Apple held the decryption keys for some stored data, which included: Message backups. Device backups. Safari Bookmarks.

Encryption

Encryption Backups Software Accountability

Half of EDR Tools, Organizations Vulnerable to Clop Ransomware: Researchers

eSecurity Planet

JUNE 30, 2023

Lace Tempest (Storm-0950, overlaps w/ FIN11, TA505) authenticates as the user with the highest privileges to exfiltrate files,” Microsoft notes. Backup and Restoration: Keep offline backups of data and execute backup and restore on a regular basis. Patch operating systems, software, and firmware on a regular basis.

Ransomware

Ransomware Backups Software Passwords

Cloud Security: The Shared Responsibility Model

eSecurity Planet

OCTOBER 20, 2022

Drivers, Firmware, Software : Cloud providers bear responsibility to secure, test, and update the software and code that supports the firmware and the basic software infrastructure of the cloud. Customers will be fully responsible for securing the storage, transfer, and backup of data to their cloud environment. Data backup.

Backups

Backups Firewall Encryption Software

Bad Luck: BlackCat Ransomware Bulletin

Security Boulevard

MAY 9, 2022

The ransomware targets virtual machines and snapshots, looking to escape containers, encrypt any possible persistence, and wipe out backups that weren’t carefully archived. Regularly back up data, air gap, and password protect backup copies offline. Use multifactor authentication where possible.

Ransomware

Ransomware Antivirus Passwords Backups

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

MAY 27, 2024

GitHub Enterprise Server and GitLab patched their authentication bypass and XSS issues. Immediately update your QNAP devices to the most recent firmware to mitigate these issues. May 21, 2024 GitHub Enterprise Server Update Fixes SAML Authentication Bypass Type of vulnerability: Authentication bypass.

Backups

Backups Authentication DDOS Engineering

Another ransomware payment recovered by the Justice Department

Malwarebytes

JULY 20, 2022

Although Maui may be a little different from run-of-the-mill ransomware, the steps to protect against it are not: Maintain offsite, offline backups of data and test them regularly. Keep operating systems, applications, and firmware up to date. Require multi-factor authentication (MFA) for as many services as possible.

Ransomware

Ransomware Cryptocurrency Healthcare Firmware

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

The FBI notice includes the following recommendations: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. Use multi-factor authentication with strong pass phrases where possible. Implement network segmentation.

Ransomware

Ransomware Manufacturing Passwords Internet

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

eSecurity Planet

MARCH 1, 2023

To prevent unwanted access and protect data in transit, wireless connections must be secured with strong authentication procedures, encryption protocols, access control rules, intrusion detection and prevention systems, and other security measures. As a result, wireless networks are prone to eavesdropping, illegal access and theft.

Wireless

Wireless Encryption Authentication IoT

Smart home security advice. Ring, SimpliSafe, Swann, and Yale

Pen Test Partners

SEPTEMBER 9, 2024

Privacy and Passwords: Two-step verification is done by default, but multi-factor authentication (MFA) is recommended. While 2SV is a valuable security measure, it is less robust than multi-factor authentication (MFA). SimpliSafe quickly fixed this with a firmware update. Who is Ring? Strong password practices are advised.

Firmware

Firmware Encryption Passwords Authentication

Land Securely on Regulatory Compliance with Thales Luna HSMs

Thales Cloud Protection & Licensing

DECEMBER 12, 2019

CSP is information such as secret and private cryptographic keys, and authentication data such as passwords and PINs, whose disclosure or modification can compromise the security of a cryptographic module. The latest firmware version 7.3.3, Luna HSMs NIST FIPS 140-2 Level 3 Certification.

Firmware

Firmware Backups Encryption Authentication

Vulnerability Management Policy Template

eSecurity Planet

MAY 12, 2023

Unauthenticated vulnerability scans should be conducted to view the systems from the perspective of an external hacker and authenticated vulnerability scans should be conducted to view systems from the perspective of a hacker with stolen credentials. Systems that cannot be rolled back will need to be restored from backup or replaced promptly.

Penetration Testing

Penetration Testing Risk Firmware Software

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

Below are the mitigations provided in the alert: Install updates for operating systems, software, and firmware as soon as they are released. Require phishing-resistant MFA for as many services as possible—particularly for webmail, VPNs, accounts that access critical systems, and privileged accounts that manage backups.

Ransomware

Ransomware VPN Cybercrime Accountability

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. • Use multifactor authentication where possible. Use multifactor authentication where possible. Implement network segmentation.

Government

Government Passwords Accountability Firmware

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Trending Sources

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

CISA and FBI issue alert about Zeppelin ransomware

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Ranzy Locker ransomware hit tens of US companies in 2021

Best Disaster Recovery Solutions for 2022

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Threat profile: Ranzy Locker ransomware

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

Avoslocker ransomware gang targets US critical infrastructure

CISA warns of critical flaws in Prima FlexAir access control system

Maze ransomware operators claim to have breached LG Electronics

Warning issued about Vice Society ransomware targeting the education sector

BlackCat Ransomware gang breached over 60 orgs worldwide

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

FBI issues advisory over Play ransomware

How to Prevent Malware: 15 Best Practices for Malware Prevention

North Korean APT targets US healthcare sector with Maui ransomware

FBI published a flash alert on Mamba Ransomware attacks

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

Ransomware: March 2022 review

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

BlackByte ransomware breached at least 3 US critical infrastructure organizations

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Ransomware’s Number 1 Target? Your Kid’s School

How (and Why) to Take Full Advantage of Apple’s New Advanced Data Protection Feature

Half of EDR Tools, Organizations Vulnerable to Clop Ransomware: Researchers

Cloud Security: The Shared Responsibility Model

Bad Luck: BlackCat Ransomware Bulletin

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

Another ransomware payment recovered by the Justice Department

FBI warns of ransomware threat to food and agriculture

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

Smart home security advice. Ring, SimpliSafe, Swann, and Yale

Land Securely on Regulatory Compliance with Thales Luna HSMs

Vulnerability Management Policy Template

Daixin Team targets health organizations with ransomware, US agencies warn

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Stay Connected