Cybersecurity Attacks Archives - Page 22 of 41

Threat actors are launching web shell attacks

Configuration Management, Cybersecurity Attacks, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 5, 2020 / CVE-2019-0604, CVE-2019-16759, DART, GALLIUM, KRYPTON, Microsoft, Web server, web shell, ZINC

Security experts from Microsoft have revealed threat actors are increasingly using web shell attacks in their campaigns. Microsoft’s investigation revealed actors such as ZINC, KRYPTON, and GALLIUM, exploit known vulnerabilities to implant web shells on internet-facing web servers.

Threat actors are launching web shell attacks Read More »

Ekans ransomware targets industrial control systems

Cybersecurity Attacks, Malware / Frank Crast / February 4, 2020 / Dragonfly, Dragos, Ekans, ICS, Megacortex, Ransomware, Snake, Triton

Cybercriminals are launching new ransomware attacks against industrial control systems (ICS). The ransomware dubbed Ekans features new functionality designed to stop critical processes related to ICS operations.

Ekans ransomware targets industrial control systems Read More »

FBI issues new warning on e-skimming attacks

Cybercrime, Cybersecurity Attacks, Data Breach, Malware / Frank Crast / February 1, 2020 / British Airways, credit card, e-skimming, FBI, Feedify, Magecart, malware, payments, Skimming

The FBI has issued a new warning on Magecart e-skimming attacks, used by cybercriminals to steal your credit card or payment card information.

FBI issues new warning on e-skimming attacks Read More »

CISA warns of increased Emotet malware attacks

Cybersecurity Attacks, Malware / Frank Crast / January 23, 2020 / Emotet, malware

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new warning of increased Emotet malware attacks.

CISA warns of increased Emotet malware attacks Read More »

WannaCry, Petya and Copycat Ransomware Expose Good History Lessons for Small Business and Enterprise Security

Business Continuity & Resiliency, Cybersecurity Articles, Cybersecurity Attacks, Malware / Frank Crast / January 14, 2020 / Backup, encryption, MS17-010, Petya, Ransomware, WannaCry, Windows 7, Windows Server 2008, Windows XP

On May 12, 2017, the now infamous WannaCry ransomware burst onto the worldwide scene. WannaCry infected over 200,000 systems and 150 countries in just 3 days.

WannaCry, Petya and Copycat Ransomware Expose Good History Lessons for Small Business and Enterprise Security Read More »

DHS reissues National Terrorism Advisory System (NTAS) Bulletin

Cybersecurity Attacks, Security Monitoring / Frank Crast / January 6, 2020 / DHS, Iran, Iraq, NTAS, Terrorism

The Department of Homeland Security (DHS) has reissued a National Terrorism Advisory System (NTAS) bulletin after a lethal U.S. strike killed Iranian IRGC-Quds Force commander Qassem Soleimani on January 2, 2020 while Soleimani was in Iraq.

DHS reissues National Terrorism Advisory System (NTAS) Bulletin Read More »

The top 20 vulnerabilities to patch now (that are most under attack)

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits, Zero-days / Frank Crast / December 26, 2019 / Apache, BlueKeep, CVE-2012-0158, CVE-2014-8361, CVE-2017-0143, CVE-2017-0199, CVE-2017-10271, CVE-2017-11882, CVE-2017-17215, CVE-2017-5638, CVE-2017-5715, CVE-2017-8570, CVE-2017-8759, CVE-2018-0802, CVE-2018-10561, CVE-2018-12130, CVE-2018-20250, CVE-2018-4878, CVE-2018-7600, CVE-2018-8174, CVE-2019-0708, CVE-2019-2725, IOT, Loki, MDS, Meltdown, Nanocore, Spectre, Struts, Verint, Vulnerabilities, WebLogic, WinRAR, Zyklon

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization’s patch management efforts.

The top 20 vulnerabilities to patch now (that are most under attack) Read More »

Attackers abuse ConnectWise Control software to deliver Zeppelin ransomware

Cybersecurity Attacks, Malware / Frank Crast / December 18, 2019 / ConnectWise, Morphisec, Ransomware, Zeppelin

Remote attackers have abused ConnectWise Control software to deliver ransomware to its victims. The latest attacks against a real estate company used ransomware dubbed “Zeppelin”, a variant of the VegaLocker ransomware family.

Attackers abuse ConnectWise Control software to deliver Zeppelin ransomware Read More »

sLoad trojan uses BITS to steal data

Cybersecurity Attacks, Malware / Frank Crast / December 15, 2019 / ATP, Defender, Microsoft, sLoad, Trojan

A multi-stage downloader trojan dubbed sLoad uses BITS to steal data from compromised systems. Attackers use sLoad to evade anti-malware protections and security monitoring that may not detect activity using these unconventional protocols.

sLoad trojan uses BITS to steal data Read More »

GALLIUM targets global telecom providers

Cybersecurity Attacks, Uncategorized, Vulnerabilities & Exploits / Frank Crast / December 13, 2019 / GALLIUM, JBoss, Microsoft, MSTIC, WildFly

Microsoft has revealed new cyber threat activity by a group dubbed GALLIUM that targets global telecommunication providers and unpatched web servers.

GALLIUM targets global telecom providers Read More »