RagnarLocker ransomware gang breached 52 critical infrastructure organizations

Credit to Author: Pieter Arntz| Date: Wed, 09 Mar 2022 11:44:13 +0000

The FBI says it has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware.

The post RagnarLocker ransomware gang breached 52 critical infrastructure organizations appeared first on Malwarebytes Labs.

Read more

Zyxel Fixes 0day in Network Storage Devices

Credit to Author: BrianKrebs| Date: Mon, 24 Feb 2020 17:13:11 +0000

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.

Read more

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Credit to Author: BrianKrebs| Date: Mon, 18 Feb 2019 13:51:01 +0000

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy. This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers.

Read more

How the government shutdown is influencing cybersecurity jobs

Credit to Author: Kayla Matthews| Date: Tue, 15 Jan 2019 17:16:00 +0000

As of this writing, the government shutdown of 2019 is the longest ever in America. Will the government’s stable of cybersecurity talent be the next casualty—now and in the long run?

Categories:

Tags:

(Read more…)

The post How the government shutdown is influencing cybersecurity jobs appeared first on Malwarebytes Labs.

Read more

Fake DHS email – “Give us $350 in the next 24 hours”

Credit to Author: Christopher Boyd| Date: Fri, 08 Sep 2017 15:00:14 +0000

Every now and then, we see the 419 “Hitman deployed to kill you” missive doing the rounds. This time, we have a fake DHS notification telling you to pay a $350 fee within 24 hours – or else.

Categories:

Tags:

(Read more…)

The post Fake DHS email – “Give us $350 in the next 24 hours” appeared first on Malwarebytes Labs.

Read more