eCh0raix Ransomware Variant Targets QNAP, Synology NAS Devices

The Cybersecurity and Infrastructure Security Agency (CISA) today launched a new vulnerability disclosure policy (VDP) platform for US federal civilian agencies. Initially announced in June, the federal civilian enterprise-wide crowdsourced VDP platform provided by BugCrowd and EnDyna was established in support of Binding Operational Directive (BOD) 20-01 issued in September 2020. The newly launched VDP…

CVE-2021-0229 Detail Awaiting Analysis This vulnerability is currently awaiting analysis. Description An uncontrolled resource consumption vulnerability in Message Queue Telemetry Transport (MQTT) server of Juniper Networks Junos OS allows an attacker to cause MQTT server to crash and restart leading to a Denial of Service (DoS) by sending a stream…

The recently patched vulnerabilities in Microsoft Exchange have sparked new interest among cybercriminals, who increased the volume of attacks focusing on this particular vector. While ransomware attacks have increased in frequency in the past six months, cybersecurity company Check Point last week noticed a surge in incidents targeting Microsoft Exchange servers vulnerable to the so-called…

Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers | IT Security News 22. May 2021 This article has been indexed from The Hacker News India’s flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service…

Cybercrime , Fraud Management & Cybercrime , Malware as-a-Service REvil, MountLocker and LockBit Operators Describe Strategies and Target Selection Mathew J. Schwartz (euroinfosec) • March 22, 2021     Ransom note for a REvil – aka Sodinokibi – ransomware infection (Source: Cisco Talos) Ransomware-wielding attackers have been in the limelight lately – not just for…

After Microsoft warned its customers against a Chinese nation-state cyberattack that is targeting the tech giant’s “Exchange Server” software, ransomware gangs have started to target vulnerable instances. Microsoft has confirmed that a new strain of ransomware is targeting vulnerable on-premise Microsoft Exchange Servers through ProxyLogon vulnerabilities as cybercriminal groups focus on those who haven’t (or…