Microsoft Finds ‘BadAlloc’ Flaws Affecting Wide-Range of IoT and OT Devices – KK Hack Labs

Microsoft researchers on Thursday disclosed two dozen vulnerabilities affecting a wide range of Internet of Things (IoT) and Operational Technology (OT) devices used in industrial, medical, and enterprise networks that could be abused by adversaries to execute arbitrary code and even cause critical systems to crash. “These remote code execution (RCE) vulnerabilities cover more than 25…

Ransomware Gang Exploits SonicWall Zero-Day Flaw

Fraud Management & Cybercrime, Governance & Risk Management, Patch Management
FireEye: Attacks Happened Before Patch Issued for VPN Vulnerability
Doug Olenick (DougOlenick) • April 30, 2021
A cyberthreat gang that’s been active since 2020 exploited a now-patched zero-day vulnerability in the SonicWall SMA 100 Series appliance to plant ransomware in attacks…

5 Agencies Using Pulse Secure VPNs Possibly Breached

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Fraud Risk Management
Suspicious Activity Detected; Investigation Continues
Scott Ferguson (Ferguson_Writes) • April 30, 2021
The Cybersecurity and Infrastructure Security Agency is investigating whether five government agencies may have been breached when attackers exploited vulnerabilities in Pulse Connect Secure VPN products, according to…

SonicWall Zero-Day Exploited by Ransomware Group Before It Was Patched

A zero-day vulnerability addressed by SonicWall in its Secure Mobile Access (SMA) appliances earlier this year was exploited by a sophisticated and aggressive cybercrime group before the vendor released a patch, FireEye’s Mandiant unit reported on Thursday. Over the past half a year, a new cybercrime group has been observed using a broad range of…

Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks – KK Hack Labs

An “aggressive” financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS. The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an “improper SQL command neutralization” flaw in the SSL-VPN SMA100 product (CVE-2021-20016,…

DC Police confirms cyberattack after ransomware gang leaks data

The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data. The Metropolitan Police Department, also known as the DC Police or MPD, is the primary law enforcement agency for Washington, DC, the US capital. In a statement to BleepingComputer, the DC Police stated that…

New ransomware group uses SonicWall zero-day to breach networks

A financially motivated threat actor exploited a zero-day bug in SonicWall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets. The group, tracked by Mandiant threat analysts as UNC2447, exploited the CVE-2021-20016 SonicWall vulnerability to breach networks and deploy FiveHands ransomware payloads before patches were…