Cybersecurity Attacks - Page 2 of 33

EwDoor Botnet attacking AT&T network edge devices

Cybersecurity Attacks, Network Security, Vulnerabilities & Exploits / By Frank Crast / December 1, 2021 December 1, 2021

An attacker has been targeting unpatched AT&T network edge devices via a brand new botnet dubbed EwDoor.

Tags: AT&T, CVE-2017-6079, DDoS, Edge, EdgeMarc, EwDoor, malware, Network

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 18, 2021 November 18, 2021

Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.

Tags: APT, ChamelGang, CVE-2018-13379, CVE-2019-5591, CVE-2020-12812, CVE-2021-34473, Exchange, Fortigate, Fortinet, ProxyShell, VPN

Attackers exploit ZOHO ManageEngine ADSelfService Plus software

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / November 11, 2021 November 11, 2021

Attackers have been exploiting vulnerable ZOHO ManageEngine ADSelfService Plus software as part of a targeted campaign.

Tags:

Nobelium targets CSPs, MSPs and IT organizations to launch broader attacks

Cybersecurity Attacks, Third-Party Security / By Frank Crast / October 26, 2021 October 26, 2021

Microsoft has released a new report on Nobelium that has been targeting cloud service providers (CSPs), managed service providers (MSPs) and other IT organizations in order to launch broader attacks against customers they serve.

Tags: Active Directory, CSP, MFA, Microsoft, MSP, Nobelium, SolarWinds

BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 23, 2021 October 23, 2021

BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities, to include two U.S. Food and Agriculture Sector organizations.

Tags: BlackMatter, CISA, FBI, malware, NSA, RaaS

Acer systems hit with second cyberattack in the past week

Cybersecurity Attacks / By Frank Crast / October 18, 2021 October 18, 2021

Acer systems based in Taiwan have been hit with a cyberattack, nearly a week after Acer offices in India were hit by a similar attack launched by the same cybergang.

Tags: Acer, Cyberattack, Desorden, Taiwan

FontOnLake malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / October 11, 2021 October 11, 2021

A previously unknown malware family dubbed FontOnLake is targeting Linux systems. The malware is made up of “custom and well-designed modules.”

Tags: Boost, C/C++, C2, ESET, FrontOnLake, Linux, malware, Poco, Protobuf, Trojan

APT group ChamelGang targets Russian Energy and Aviation industries, 9 other countries

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / October 2, 2021 October 2, 2021

A new advanced persistent threat (APT) group dubbed ChamelGang has been targeting Russian Energy and Aviation industries, as well as entities in 9 other countries.

Tags: APT, aviation, BeaconLoader, ChamelGang, Cobalt Strike, CVE-2017-12149, DoorMe, energy, Exchange, FRP, ProxyShell, Tiny shell

Microsoft: Nobelium cybergang deploys FoggyWeb backdoor to target AD FS servers

Cybersecurity Attacks, Malware / By Frank Crast / September 28, 2021 September 28, 2021

Microsoft has warned that Nobelium threat actors are using a new backdoor malware dubbed FoggWeb to target Active Directory Federation Services (AD FS) servers.

Tags: Active Directory, AD FS, backdoor, Cyberattack, FoggyWeb, malware, Microsoft, Nobelium

Iowa-based farm service provider NEW Cooperative hit by BlackMatter ransomware attack

Cybersecurity Attacks, Malware / By Frank Crast / September 21, 2021 September 21, 2021

An Iowa-based farm service provider NEW Cooperative was hit by a major BlackMatter ransomware attack. Security researchers leaked information that the cybercriminals behind the attack are demanding $5.9 million in ransom.

Tags: BlackMatter, NEW Cooperative, Ransomware