CISA sets two week window for patching serious vulnerabilities

Credit to Author: Pieter Arntz| Date: Thu, 04 Nov 2021 21:23:02 +0000

CISA is trying to reset expectations about how quickly federal deparments and agencies should be patching vulnerabilities.

Categories: Reports

Tags:

(Read more…)

The post CISA sets two week window for patching serious vulnerabilities appeared first on Malwarebytes Labs.

Read more

StopRansomware.gov brings together information on stopping and surviving ransomware attacks

Credit to Author: Malwarebytes Labs| Date: Mon, 19 Jul 2021 13:30:12 +0000

StopRansomware.gov is designed to be a one-stop hub for ransomware resources.

Categories: Malwarebytes news

Tags:

(Read more…)

The post StopRansomware.gov brings together information on stopping and surviving ransomware attacks appeared first on Malwarebytes Labs.

Read more

JBS says it is recovering quickly from a ransomware attack

Credit to Author: Pieter Arntz| Date: Wed, 02 Jun 2021 14:58:27 +0000

JBS, one of the world’s largest meat and poultry processors, suffered a ransomware attack that shut down some of their plants.

Categories: Ransomware

Tags:

(Read more…)

The post JBS says it is recovering quickly from a ransomware attack appeared first on Malwarebytes Labs.

Read more

Colonial Pipeline attack spurs new rules for critical infrastructure

Credit to Author: David Ruiz| Date: Tue, 25 May 2021 20:07:46 +0000

The Colonial Pipeline attack has spurred the TSA to issue new cybersecurity rules for pipeline companies in the US, expected this week.

Categories: GovernmentRansomware

Tags:

(Read more…)

The post Colonial Pipeline attack spurs new rules for critical infrastructure appeared first on Malwarebytes Labs.

Read more

IoT riddled with BadAlloc vulnerabilities

Credit to Author: Pieter Arntz| Date: Fri, 30 Apr 2021 12:05:56 +0000

A set of memory allocation vulnerabilities, dubbed BadAlloc, has been found in a massive number of IoT and OT devices.

Categories: Reports

Tags:

(Read more…)

The post IoT riddled with BadAlloc vulnerabilities appeared first on Malwarebytes Labs.

Read more

A week in security (December 28 – January 3)

Credit to Author: Malwarebytes Labs| Date: Mon, 04 Jan 2021 15:52:48 +0000

A roundup of cybersecurity news from December 28 – January 3 including a Zyxel backdoor, a patched Google Docs bug, and breach data for sale.

Categories: A week in security

Tags:

(Read more…)

The post A week in security (December 28 – January 3) appeared first on Malwarebytes Labs.

Read more

Chris Krebs, director of Cybersecurity and Infrastructure Security Agency, fired by President

Credit to Author: David Ruiz| Date: Wed, 18 Nov 2020 16:16:33 +0000

On Tuesday evening, President Donald Trump fired Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA).

Categories: Malwarebytes news

Tags:

(Read more…)

The post Chris Krebs, director of Cybersecurity and Infrastructure Security Agency, fired by President appeared first on Malwarebytes Labs.

Read more

Zyxel Fixes 0day in Network Storage Devices

Credit to Author: BrianKrebs| Date: Mon, 24 Feb 2020 17:13:11 +0000

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.

Read more