Cybersecurity Attacks Archives - Page 6 of 40

XorDdos: DDoS malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / May 21, 2022 / DDoS, Linux, malware, XORDDoS

Over the past six months, Microsoft has observed a spike in cyberactivity of 254% from XorDdos, a trojan targeting Linux-based cloud systems and Internet of Things (IoT) devices.

CISA adds 5 vulnerabilities to Known Exploited Vulnerabilities Catalog

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / May 10, 2022 / CISA, CVE-2019-8506, CVE-2021-1789

The Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, two Microsoft and one OpenSSL vulnerability.

Emotet botnet reemerges with new threat behaviors

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / May 4, 2022 / AppX, botnet, Emotet, malware, TA542, XLL

Researchers from Proofpoint have observed the reemergence of Emotet botnet that has exhibited new behaviors in using new attack techniques.

The Top 15 mostly commonly exploited vulnerabilities in 2021

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 2, 2022 / CVE-2018-13379, CVE-2019-11510, CVE-2020-0688, CVE-2020-1472, CVE-2021-21972, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-31207, CVE-2021-34473, CVE-2021-34523, CVE-2021-40539, CVE-2021-44228, log4Shell, ProxyLogon, ProxyShell, Zerologon

The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.

ransomware, cybersecurity, cyber-3998798.jpg

FBI: BlackCat ransomware has compromised 60 entities worldwide

Cybersecurity Attacks, Malware / By Frank Crast / April 25, 2022 / ALPHV, BlackCat, BlackMatter, Darkside, Ransomware, RUST

The Federal Bureau of Investigation (FBI) has released new information on BlackCat (also known as ALPHV) ransomware as a service (RaaS), that has compromised at least 60 entities worldwide as of March 2022.

APT actors targeting ICS/SCADA Devices with custom tools

Cybersecurity Attacks / By Frank Crast / April 18, 2022 / APT, CISA, DOE, ICS, OMRON, OPC UA, SCADA, Schneider

US Government cybersecurity experts are warning of advanced persistent threat (APT) actors using custom tools to target and compromise multiple industrial control system (ICS) and supervisory control and data acquisition (SCADA) devices.

CISA adds Critical VMware Workspace ONE Access and Identity Manager vulnerability to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / April 14, 2022 / CISA, CVE-2022-22954, Exploit, VMware, Workspace ONE

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical VMware Workspace ONE Access and Identity Manager vulnerability to its Known Exploited Vulnerabilities Catalog. VMware also confirmed known exploits in the wild have been detected for CVE-2022-22954.

cyber security, information security, data privacy-3400657.jpg

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / April 11, 2022 / Active Directory, CVE-2017-11317, CVE-2020-2509, CVE-2021-22600, CVE-2021-27852, CVE-2021-39793, CVE-2021-42278, CVE-2021-42287, CVE-2022-23176, Firebox, Microsoft, QNAP, WatchGuard, XTM

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical WatchGuard and two Microsoft Active Directory flaws, along with five other vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Denonia malware targets AWS Lambda

Cloud Security, Cybersecurity Attacks, Malware / By Frank Crast / April 8, 2022 / AWS, Cado Labs, Cryptocurrency, Cryptomining, Denonia, Lambda, XMRig

A first of its kind malware dubbed Denonia has been targeting Amazon Web Services (AWS) Lambda, an event-driven, serverless computing platform.

Threat actors exploit Spring4Shell to weaponize and execute Mirai botnet

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / April 8, 2022 / botnet, CVE-2022-22963, CVE-2022-22965, Mirai, Spring, Spring Framework, Spring4Shell

Researchers from Trend Micro have spotted threat actors exploiting the Spring4Shell vulnerability CVE-2022-22965 to weaponize and execute Mirai botnet.