Here you will find all articles, news and whitepapers published by Bitdefender, sorted by date. All information and texts in the partner channel can also be easily shared on social media. The links at the end of the article will take you to the Bitdefender website or directly to white papers or studies.
Since January 2023, cybercriminals have been targeting implementations of Zoho Corporation's ManageEngine software solutions worldwide with an opportunistic attack. Cyber criminals use automated scans to tap into a large field of potential victims of ransomware or industrial espionage. Bitdefender Labs analyzed the first attacks in their telemetry. The new campaign is another example of the more common opportunistic, initially automated vulnerability scans by cybercriminals followed by hybrid targeted attacks. The aim of the attackers is to execute code remotely (Remote Code Execution – RCE) in order to play out additional payloads or to start industrial espionage....
The OpenAI ChatGPT chatbot proves how artificial intelligence and machine learning can directly determine life and everyday life. Advanced IT users will use such tools for their purposes. And with that, unfortunately, cybercriminals too. OpenAI's ChatGPT AI model is based on unsupervised learning. With this ML approach, an AI model is fed with a large data set of unlabeled data. The vast corpus of material of books, articles and websites is based on pre-2021 sources and has no connections to the current internet. But that is already enough to learn the structures of natural language and to deceptively…
In an analysis, Bitdefender warns of a series of ProxyNotShell/OWASSRF attacks targeting on-premise Microsoft Exchange installations. The attack often even ends in taking over the server. A technical guide from Bitdefender offers help. The attacks observed since the end of November 2022, especially in the USA, served different purposes. Server-Side Request Forgery (SSRF) attacks enable opportunistic attacks via a vulnerable server on another server and can lead to the complete takeover of a Microsoft Exchange server, for example. Vulnerabilities in such high-level architectures are rarely found. If available, they can only be used in productive systems...
The attacks on the VMware ESXi never end. They continue to threaten tens of thousands of servers and require updating to the latest VMware ESXi version, according to Bitdefender experts. Even rescue scripts no longer work because the ransomware has adapted. The attacks on the VMware ESXi hypervisors, which exploit the recently discovered CVE-2021-21974 vulnerability with little effort to play a wide variety of payloads as remote code, have enormous potential for spreading. They are therefore developing into mass attacks for opportunistic cybercriminals and are a current example of hybrid attacks: VMware-ESXi : Example of hybrid attack In…
Cyber criminals never stand still. They constantly improve their methods and intensify their attacks on available targets. In 2023, companies will once again be faced with the task of further optimizing their IT defenses. When it comes to cyber insurance, a good defense is also expected or there is no policy. 2022 was not a quiet year for IT security either. Hackers have crossed new borders: Organized criminals attacked governments, like Conti in the Costa Rica case. The Lapsus$ group attacked well-known players in the digital economy such as Microsoft, Nvidia, Uber, Globant and others. Hacker collectives developed sophisticated, powerful tools for…
A decryption tool co-developed by Bitdefender is now available to victims of the MegaCortex ransomware family. Those affected can use this free tool to make encrypted data from all MegaCortex versions available again. As early as October 2021, Europol had reported the arrest of twelve people as a result of an international action against actors who had used ransomware of the Dharma, MegaCortex and LockerGoga types. The victims of the attacks are believed to have included over 1.800 victims in 71 countries. The damage caused was estimated at over 100 million US dollars. Many of the victims kept encrypted data and waited a long time…
Victims of the RanHassan ransomware can now decrypt their data again using a universal Bitdefender decryptor. Bitdefender now provides 22 decryptors. The ability to decrypt data yourself is the best way to thwart ransomware attacks. Bitdefender's continued development of one of the industry's most comprehensive ransomware decryption programs has saved many companies from having to pay ransoms - estimated at around $XNUMX billion in total. Bitdefender's top decryption tools include tools for victims of Gandcrab attacks, as well as a universal decryptor against REvil ransomware….
IT security has a problem: it doesn't make any profits. For many it is still too expensive. However, the benefits of cyber defense can be demonstrated by a cost-benefit analysis with an IT security platform. There are five factors that can do this. Without a doubt, cyber defense causes additional costs beyond the pure license price. Because security software is not only to be obtained and installed quickly. Overtime that takes up time resources can never be ruled out. Its benefits often only become apparent when IT teams are willing and able to work with it. Security must be resource intensive….
Bitdefender has published a study detailing sophisticated corporate espionage against a US technology company. The attack took place over several months and focused on data exfiltration. An extensive network of several hundred IP addresses (most of them from China) were used for the attack. As part of the study, Bitdefender concludes that this type of attack is likely to increase and advises companies in industry, energy, finance, defense and other critical sectors to be on high alert. Spy campaign on Bitdefender partners…
Bitdefender Labs security researchers have discovered several vulnerabilities in popular EZVIZ smart cameras. Hackers can combine them and gain control over systems and access to content. An estimated ten million devices are affected. To do this, the perpetrators bypass existing authentication mechanisms. Bitdefender has informed the manufacturer and provided updates. Users should definitely patch and update their cameras. It is estimated that around ten million devices are affected. The estimate is based on known Android and iOS installations. Access to the video feed Hackers can use the gaps in unpatched cameras on the one hand…
