News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Category: Short News

Are Many Companies Denying LockBit the Ransom?
16 December 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Once LockBit has encrypted a site and stolen its data, the group posts a payment request with a countdown on its leak page on the dark web. If you don't pay, you can download data there. A lot of companies don't pay. Many attacked companies are listed on the LockBit leak page. Current ransom payment deadlines are marked in red. If an ultimatum has expired and it has not been paid, LockBit will color the entry for the published data green. The leak page from July to December 2022 currently contains the information…

Read more

Again stolen Uber data landed on the dark web
15 December 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Transport service provider and food supplier Uber has had to admit a loss of data again, even if the data is said to have come from a third-party provider. The hacker “UberLeaks” claims to have stolen the data from Uber and Uber Eats. According to the portal bleepingcomputer, Uber has suffered a new data breach. Data and e-mail addresses of employees, company reports and IT asset information are said to have appeared on the Internet. According to Uber, however, the data was stolen from a third-party provider. Hacker 'UberLeaks' Announces Data The 'UberLeaks' account has announced on a hacking forum known for posting data breaches data...

Read more

BSI Alert: Critical vulnerability in Fortinet SSL VPN
14 December 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The BSI warns against active exploitation of a critical vulnerability in Fortinet SSL VPN. FortiOS' service, used on FortiGate firewalls, allows attackers to execute malicious code or commands. According to the BSI, companies that use FortiGate firewalls should patch their devices as soon as possible. The vulnerability is rated "critical" by the manufacturer according to the Common Vulnerability Scoring System (CVSS) v3.1 with an overall CVSS value of 9.3 out of 10. CVE-2022-42475 was assigned for the vulnerability. According to the Fortinet PSIRT – Product Security Incident Response Team –…

Read more

Researchers Discover Holey Web Application Firewalls (WAF)
14 December 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Claroty security researchers have discovered ways to bypass Web Application Firewalls (WAF). A lack of JSON support allows attacks on potentially all providers. The providers Palo Alto Networks, Amazon Web Services, Cloudflare, F5 and Imperva have meanwhile updated their products. Security researchers from Team82, the research arm of cyber-physical systems (CPS) security specialists Claroty, have identified the possibility of a basic bypass of industry-leading web application firewalls (WAF). The attack technique involves appending JSON syntax to SQL injection payloads. Leading WAF Vendors Have Already Responded Although most database engines have supported JSON for a decade,…

Read more

230 percent more malicious crypto miners
13 December 2022
| No comments
| Kaspersky, Short news
Kaspersky_news

In the third quarter of 2022, Kaspersky experts recorded a sharp increase in crypto miner variants — a growth of over 230 percent. This is shown by the report “The state of cryptojacking in 2022”. Almost every sixth attack via a vulnerability is accompanied by a miner infection. The number of crypto miners is currently over 150.000 and is three times as high as in the third quarter of 2021. Cyber ​​criminals are currently "earning" an average income of around 1.500 US dollars per month; in one case, a wallet was identified where a $40.500 (2 BTC) transaction…

Read more

Access point WLAN security solution for SMEs
12 December 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The WLAN security solution Connect and Protect from Zyxel Networks is now available for the two access points NWA110AX and NWA1123ACv3. Small and medium-sized companies (SMEs) in particular can use this to increase their security while at the same time simplifying the management of the WLAN network. Connect and Protect filters out unsafe web content and prevents access to dangerous websites. In addition, it ensures that registered users cannot access the data flow of other users, so that cybercriminals cannot spy on or steal personal data. More security for SME Access Point Connect and Protect offers comprehensive protection against cyber threats,…

Read more

Faulty botnet malware can be disabled 
11 December 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Akamai researchers have investigated a crypto-mining botnet using its KmsdBot malware. The researchers accidentally caused the botnet to crash in a protected environment. Since the malware was programmed incorrectly, a command missing a space was enough to crash the botnet. Earlier this month, Akamai Security Research published a blog post about KmsdBot, a cryptomining botnet that infects victims via SSH and weak credentials. After the malware infected an Akamai honeypot, the botnet was immediately analyzed and reported on in a post. Botnet crash due to missing space The experts…

Read more

Vulnerability in Netgear router allows external access
10 December 2022
| No comments
| Short news
Tenable news

Tenable has discovered a vulnerability in a new NETGEAR router. The popular WiFi 6 router is known for its large area coverage and is also used by micro-businesses. The router can be reached from the outside with an old firmware via IPv6. Tenable's ZeroDay research team found a network misconfiguration in the NETGEAR Nighthawk WiFi6 Router (RAX30 AX2400) working with firmware up to v1.0.7.78. The new update with firmware V1.0.9.90 fixes the security problem. External attack via IPv6 possible The bug inadvertently enabled unrestricted communication with all services running over IPv6 on the WAN (Internet Facing) port of the…

Read more

Employees: 90 percent need basic cyber security training
9 December 2022
| No comments
| Kaspersky, Short news
Kaspersky_news

89 percent of employees in companies need cyber security training. Approximately one in three employees cannot demonstrate sufficient knowledge of how to deal with everyday cyber security-related topics. These results come from recent analysis of the Kaspersky Gamified Assessment Tool. Many types of cyberattacks start with employee misconduct, whether it's opening an infected attachment, clicking a malicious link, or using weak passwords. Kaspersky Gamified Assessment Tool is designed to change and strengthen employee behavior and awareness of cybersecurity. At the same time...

Read more

Cyber ​​attacks against foreign government
8 December 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Researchers from Avanan report on attacks on the Caribbean island nation of the Federation of St. Kitts and Nevis and explain how hackers threaten the government there on a daily basis. The islands, with a population of 100.000, experienced 34.000 phishing attacks a year. Check Point reports attacks against the government of the Federation of Saint Kitts and Nevis. Researchers at Check Point subsidiary Avanan, a leading provider of email security solutions, have examined the attacks on the Caribbean island nation and placed them in the context of the increasing number of cyber attacks against authorities worldwide. Over 1.500 attacks on governments – per week! Noisy…

Read more

© 2024 MedPressIT GbR
Cookie Settings