What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-10 17:39:00 | Anomali Cyber Watch: GIGABYTE Hit By RansomEXX Ransomware, Seniors\' Data Exposed, FatalRat Analysis, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Chinese state hackers, Data leak, Ransomware, RAT, Botnets, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Actively Exploited Bug Bypasses Authentication On Millions Of Routers
(published: August 7, 2021)
The ongoing attacks were discovered by Juniper Threat Labs researchers exploiting recently discovered vulnerability CVE-2021-20090. This is a critical path traversal vulnerability in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass authentication. The total number of devices exposed to attacks likely reaches millions of routers. Researchers identified attacks originating from China and are deploying a variant of Mirai botnet on vulnerable routers.
Analyst Comment: Attackers have continuous and automated routines to look out for publicly accessible vulnerable routers and exploit them as soon as the exploit is made public. To reduce the attack surface, routers management console should only be accessible from specific public IP addresses. Also default password and other security policies should be changed to make it more secure.
Tags: CVE-2021-20090, Mirai, China
Computer Hardware Giant GIGABYTE Hit By RansomEXX Ransomware
(published: August 7, 2021)
The attack occurred late Tuesday night into Wednesday and forced the company to shut down its systems in Taiwan. The incident also affected multiple websites of the company, including its support site and portions of the Taiwanese website. Attackers have threatened to publish 112GB of stolen data which they claim to include documents under NDA (Non Disclosure Agreement) from companies including Intel, AMD, American Megatrends unless a ransom is paid.
Analyst Comment: At this point no official confirmation from GIGABYTE about the attack. Also no clarity yet on potential vulnerabilities or attack vectors used to carry out this attack.
Tags: RansomEXX, Defray, Ransomware, Taiwan
Millions of Senior Citizens' Personal Data Exposed By Misconfiguration
(published: August 6, 2021)
The researchers have discovered a misconfigured Amazon S3 bucket owned by the Senior Advisor website which hosts ratings and reviews for senior care services across the US and Canada. The bucket contained more than one million files and 182 GB of data containing names, emails, phone numbers of senior citizens from North America. This exposed data was not encrypted and did not require a password or login credentials to access.
Analyst Comment: Senior citizens are at high risk of online frauds. Their personal information and context regarding appointments getting leaked can lead to targeted phishing scams.
Tags: Data Leak, Phishing, North America, AWS
|
Malware Vulnerability Threat Guideline | APT 41 APT 41 APT 30 APT 27 APT 23 |
1
We have: 1 articles.
We have: 1 articles.
To see everything:
Our RSS (filtrered)
