Cybersecurity Attacks Archives - Page 11 of 41

FBI issues alert on OnePercent Group Ransomware attacks

Cybersecurity Attacks, Malware / Frank Crast / August 30, 2021 / FBI, IcedID, OnePercent, Ransomware

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert on OnePercent Group Ransomware. The alert includes technical details on cyberattack, tools used and indicators of compromise.

FBI issues alert on OnePercent Group Ransomware attacks Read More »

Cyberattackers exploiting ProxyShell vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / August 25, 2021 / CVE-2021-34473, CVE-2021-34523, Exchange, LockFile, Microsoft, ProxyShell

Cyberattackers are scanning and exploiting ProxyShell vulnerabilities on unpatched Microsoft Exchange servers.

Cyberattackers exploiting ProxyShell vulnerabilities Read More »

NSA releases guidance on securing wireless devices in public settings

Cybersecurity Attacks, Endpoint Security, Guidelines, System Hardening, Vulnerabilities & Exploits, Wi-Fi Security / Frank Crast / August 2, 2021 / BlueBorne, Bluebugging, Bluejacking, Bluesnarfing, bluetooth, LLMNR, MFA, NFC, NIST, NSA, SP 800-121, Wi-Fi, Wireless

The National Security Agency (NSA) has released guidance on securing wireless devices in public settings for government national defense entities and the general public. The new 8-page guidance infosheet summarizes ways bad actors target wireless devices as well as good safeguards to protect against such cyberattacks. The NSA warns that although connecting to public Wi-Fi

NSA releases guidance on securing wireless devices in public settings Read More »

Babuk ransomware: Soon to be targeting VMware and *nix systems?

Cybersecurity Attacks, Malware / Frank Crast / August 1, 2021 / ESXi, Golang, Linux, malware, Ransomware

Cybercriminals behind Babuk ransomware announced in an underground forum that they are developing malware targeting Linux/UNIX and VMware ESXi systems.

Babuk ransomware: Soon to be targeting VMware and *nix systems? Read More »

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / July 29, 2021 / Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Top 30 most commonly exploited vulnerabilities over 2020 and 2021 Read More »

Microsoft issues guidance on mitigating PetitPotam NTLM relay attacks

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 28, 2021 / AD SC, Certificate Authority, Domain Controller, EPA, IIS, NTLM, PetitPotam, Relay Attack, SMB, Windows

Microsoft has issued guidance on mitigating PetitPotam NTLM relay attacks against Windows domain controllers or other Windows servers.

Microsoft issues guidance on mitigating PetitPotam NTLM relay attacks Read More »

U.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity”

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / July 20, 2021 / APT, APT40, Chinese, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, Cybersecurity Threat Center, DOJ, Exchange, FBI, HSDD, MSS, NSA

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have observed “sophisticated Chinese state-sponsored activity” targeting multiple public and private sectors in the United States.

U.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity” Read More »

Kaseya VSA falls victim to massive sophisticated ransomware attack (update)

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / July 13, 2021 / CISA, FBI, JBS, Kaseya, Ransomware, REvil, Travelex, VSA

Kaseya VSA has fallen victim to a sophisticated and massive ransomware attack, that some experts say has affected thousands of customers. The company also provided a patch update for on-premise customers.

Kaseya VSA falls victim to massive sophisticated ransomware attack (update) Read More »