CVE-2021-1522
CVE-2021-1522
Written by Tim Starks Sep 16, 2021 | CYBERSCOOP As law enforcement braces for the revival of the REvil ransomware gang, a cybersecurity firm on Thursday released a free decryption tool for early victims of the criminals. The decryptor, which Bitdefender developed in coordination with an unnamed law enforcement partner, will aid victims hit before…
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits. In the Joint Cybersecurity Advisory (CSA) published today, the agencies warn admins and users that the state-sponsored hacking groups are “likely” exploiting Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. The attackers are…
Governance & Risk Management , IT Risk Management , Next-Generation Technologies & Secure Development Report Offers Risk Mitigation Advice, Stressing Prompt Patching Doug Olenick (DougOlenick) • July 19, 2021 Example of Chinese attackers’ tactics and techniques (Source: Joint Cybersecurity Advisory) Three federal agencies released a 31-page Joint Cybersecurity Advisory Monday that describes 50…
Cybercrime is one of the most significant threats facing companies today. With the average cost of a data breach reaching an all-time high of $4.24 million, the business case for cybersecurity has never been stronger. Still, some businesses seem to misunderstand the urgency of meeting current cybersecurity standards. It may help to consider the legal…
US cybersecurity firm Rapid7 has disclosed that some source code repositories were accessed in a security incident linked to the supply-chain attack that recently impacted customers of the popular Codecov code coverage tool. The computer and network security company has already notified a “small subset of customers” potentially impacted by this breach to take measures…
Breach Notification , Cybercrime , Endpoint Security Manufacturer Stopped Supporting Targeted Network-Attached Storage Devices in 2015 Mathew J. Schwartz (euroinfosec) • June 28, 2021 Screen grab posted by the owner of a LAN-connected Western Digital My Book Live after it was apparently hit by a data-wiping attack that also changed the device’s admin…