Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.
Read more…
Source: TechCrunch News
Related:
- Spike in LokiBot Activity During Final Week of 2022
March 3, 2023
Unit 42 researchers have uncovered a malware distribution campaign that is delivering the LokiBot information stealer via business email compromise (BEC) phishing emails. This malware is designed to steal sensitive information from victims’ systems, such as passwords and banking information, as well as other sensitive data. In this blog, Unit 42 researchers will explain how attackers used ...
- Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer
March 2, 2023
Recently, Trend Micro researchers noticed a spike in the number of emails received by one of our customers. After further investigation, they found that three other customers in the hospitality industry were also affected. The researchers observed that most of the emails had subject lines that attempt to catch victims’ attention: “help,” “requesting for assistance,” ...
- Subdomain Reputation: Detecting Malicious Subdomains of Public Apex Domains
March 2, 2023
Cybercriminals regularly leverage popular dynamic domain name system (DDNS) or web hosting services to store and distribute their content. Threat actors leverage these for command and control (C2), malware distribution and phishing. This abuse has created the need for new detection methods for malicious subdomains. DDNS and web hosting services often allow people to serve content ...
- Leveraging data science to minimize the blast radius of ransomware attacks
March 2, 2023
As ransomware groups continue to build on their arsenal of tactics, techniques, and procedures (TTPs), it’s essential for cybersecurity professionals to assess the levels of risk to their organizations using multiple sources of information for a comprehensive outlook on this ever-evolving threat. Common Vulnerabilities and Exposures (CVE) data, for example, can guide defenders in determining ...
- Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting
March 1, 2023
Iron Tiger is an advanced persistent threat (APT) group that has been focused primarily on cyberespionage for more than a decade. In 2022, we noticed that they updated SysUpdate, one of their custom malware families, to include new features and add malware infection support for the Linux platform. We found the oldest sample of this updated ...
- “Major” cyberattack compromised sensitive U.S. Marshals Service data
February 28, 2023
The U.S. Marshals Service is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations. The cyberattack was considered a “major incident” by officials, impacting a “stand-alone” system (meaning it is not connected to a larger ...