BleepingComputer.com

Top exploited vulnerabilities of 2021. 

Views expressed in this cybersecurity-cyber crime update are those of the reporters and correspondents.

Accessed on 28 April 2022, 0141 UTC.

Content supplied by "BleepingComputer.com" via https://feedly.com.

Source: https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.bleepingcomputer.com%2Ffeed%2F

Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts

https://www.hawaiicybersecurityjournal.com

https://www.hawaiisciencedaily.com

https://www.hawaiigeopoliticalnews.com

BleepingComputer

49K followers56 articles per week#security#tech

MOST POPULAR

Cybersecurity agencies reveal top exploited vulnerabilities of 2021

100+by Sergiu Gatlan / 10h

In partnership with the NSA and the FBI, cybersecurity authorities worldwide have released today a list of the top 15 vulnerabilities routinely exploited by threat actors during 2021. [...]

Microsoft says Russia hit Ukraine with hundreds of cyberattacks

Microsoft Russian Ukraine

•

100+by Sergiu Gatlan / 7h

Microsoft has revealed the true scale of Russian-backed cyberattacks against Ukraine since the invasion, with hundreds of attempts from multiple Russian hacking groups targeting the country's infrastructure and Ukrainian citizens. [...]

QNAP warns users to disable AFP until it fixes critical bugs

67by Sergiu Gatlan / 5h

Taiwanese corporation QNAP has asked customers this week to disable the AFP file service protocol on their network-attached storage (NAS) appliances until it fixes multiple critical Netatalk vulnerabilities. [...]

TODAY

PSA: Onyx ransomware destroys large files instead of encrypting them

Data Encrypted for Impact (Enterprise T1486)

•

by Lawrence Abrams / 1h

A new Onyx ransomware operation is destroying large files instead of encrypting them, preventing those files from being decrypted even if a ransom is paid. [...]

New Black Basta ransomware springs into action with a dozen breaches

2 TTPs

•

38by Lawrence Abrams / 3h

•

Black Basta Ransomware

A new ransomware gang known as Black Basta has quickly catapulted into operation this month, claiming to have breached over twelve companies in just a few weeks. [...]

GitHub: How stolen OAuth tokens helped breach dozens of orgs

23by Sergiu Gatlan / 4h

GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations. [...]

Russian govt impersonators target telcos in phishing attacks

Keylogging (Enterprise T1056.001)

•

47by Bill Toulas / 9h

A previously unknown and financially motivated hacking group is impersonating a Russian agency in a phishing campaign targeting entities in Eastern European countries. [...]

Redis, MongoDB, and Elastic: 2022’s top exposed databases

Group-IB 2021 Singapore

•

29by Bill Toulas / 9h

Security researchers have noticed an increase in the number of databases publicly exposed to the Internet, with 308,000 identified in 2021. The growth continued quarter over quarter, peaking in the first months of this year. [...]

RIG Exploit Kit drops RedLine malware via Internet Explorer bug

3 TTPs

•

54by Bill Toulas / 11h

Threat analysts have uncovered yet another large-scale campaign delivering the RedLine stealer malware onto worldwide targets. [...]

Chinese state-backed hackers now target Russian state officers

4 TTPs

•

43by Bill Toulas / 12h

Security researchers analyzing a phishing campaign targeting Russian officials found evidence that points to the China-based threat actor tracked as Mustang Panda (also known as HoneyMyte and Bronze President). [...]

American Dental Association hit by new Black Basta ransomware

American Dental ADA

•

78by Lawrence Abrams / 15h

The American Dental Association (ADA) was hit by a weekend cyberattack, causing them to shut down portions of their network while investigating the attack. [...]