Cybersecurity Attacks Archives - Page 5 of 41

T-Mobile to pay $350 million over 2021 data breach

Cybersecurity Attacks, Data Breach, Data Privacy, Mobile Security / By Frank Crast / July 26, 2022 / Data Breach, Privacy, T-Mobile

T-Mobile has agreed to pay $350 million and invest another $150 million in data security improvements to settle litigation over the 2021 data breach that impacted over 76 million T-Mobile customers.

PrestaShop websites vulnerable to major SQL Injection attacks

Cybersecurity Attacks, Malware, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 26, 2022 / CVE-2022-36408, Cybersecurity Threat Center, MySQL, PrestaShop, SQL injection, SQLi

PrestaShop websites are reported vulnerable to a major SQL Injection vulnerability (tracked as CVE-2022-36408) and have been exploited in the wild since July 2022.

Cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems (updated)

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / July 20, 2022 / APT, Aquatic Panda, CGCYBER, CISA, CVE-2021-44228, Cybersecurity Threat Center, Deep Panda, Log4j, log4Shell, UAG

The Cybersecurity and Infrastructure Security Agency (CISA) warns cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems.

Cyberattacks on WordPress plugin Modern WPBakery Page Builder Addons

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / July 17, 2022 / AJAX, CVE-2021-24284, Kaswara, PHP, Wordfence, WPBakery

Researchers from Wordfence have spotted scans against 1.6 million WordPress sites looking for vulnerable Kaswara Modern WPBakery Page Builder Addons plugin.

H0lyGh0st ransomware actors target small and midsize businesses

Cybersecurity Attacks, Malware, Ransomware / By Frank Crast / July 17, 2022 / Andariel, BLTC.exe, BTLC_C.exe, C2, Cybersecurity Threat Center, DarkSeoul, DEV-0530, H0lyGh0st, HolyGhost, HolyLock.exe, HolyRS.exe, Microsoft, MSTIC, North Korea, Plutonium, Ransomware, SiennaBlue, SiennaPurple, Small Business, SMB

Security researchers from Microsoft warn threat actors from North Korea are using H0lyGh0st ransomware to target small and midsize businesses around the globe.

ZuoRAT targets SOHO devices to launch sophisticated multi-stage cyber attacks

Cybersecurity Attacks, Malware, Network Security / By Frank Crast / July 8, 2022 / ASUS, Black Lotus Labs, Cisco, CVE-2020-26878, CVE-2020-26879, Cybersecurity Attack, Cybersecurity Threat Center, DrayTek, Lumen, NETGEAR, Python, Small Office, SOHO, ZuoRAT

Threat actors are using a multi-stage malware dubbed ZuoRAT to exploit small office/home office (SOHO) routers and launch sophisticated attacks against North American and European networks.

Maui ransomware targets entities in the Healthcare and Public Health sector

Cybersecurity Attacks, Malware / By Frank Crast / July 6, 2022 / CISA, Cybersecurity Threat Center, FBI, Health, healthcare, HPH, Maui, Public Health, Treasury

Cybersecurity experts warn North Korean State-Sponsored threat actors are using Maui ransomware to target entities in the Healthcare and Public Health (HPH) sector.

MedusaLocker ransomware threat

Cybersecurity Attacks, Malware / By Frank Crast / July 6, 2022 / MedusaLocker, Ransomware

Threat actors are exploiting primarily Remote Desktop Protocol (RDP) vulnerabilities on victim computers to deploy MedusaLocker ransomware.

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit)

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / June 30, 2022 / Chromium, CISA, CVE-2018-4344, CVE-2019-8605, CVE-2020-3837, CVE-2020-9907, CVE-2021-30983, Linux, pkexec, polkit, PwnKit

The Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, Mitel, Google Chromium, and the RedHat “PwnKit” vulnerability (CVE-2021-4034) in Polkit’s pkexec tool.

CISA adds Critical Microsoft diagnostics tool vulnerability to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / June 16, 2022 / CVE-2022-30190, Cybersecurity Threat Center, exploits, Follina, Microsoft, MSDT, RCE, Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Support Diagnostic Tool (MSDT) vulnerability CVE-2022-30190 (aka “Follina”) to its Known Exploited Vulnerabilities Catalog.