Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.
Read more…
Source: TechCrunch News
Related:
- CISA: Preparing Critical Infrastructure for Post-Quantum Cryptography
August 24, 2022
Nation-states and private companies are actively pursuing the capabilities of quantum computers. Quantum computing opens up exciting new possibilities; however, the consequences of this new technology include threats to the current cryptographic standards. These standards ensure data confidentiality and integrity and support key elements of network security. While quantum computing technology capable of breaking public ...
- Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
August 24, 2022
There have already been reports on code-signed rootkits like Netfilter, FiveSys, and Fire Chili. These rootkits are usually signed with stolen certificates or are falsely validated. However, when a legitimate driver is used as a rootkit, that’s a different story. Such is the case of mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game ...
- New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks
August 23, 2022
A new data extortion group named ‘Donut Leaks’ is linked to recent cyberattacks, including those on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando. Two victims disclosed these attacks without much information regarding who was involved. Over the weekend, DESFA confirmed they suffered a cyberattack after Ragnar Locker leaked screenshots ...
- Legitimate SaaS Platforms Being Used to Host Phishing Attacks
August 23, 2022
Instead of creating phishing pages from scratch, more and more cybercriminals are now abusing legitimate software-as-a-service (SaaS) platforms, including various website builders or form builders, to host their phishing pages. Since these URLs are hosted on legitimate domains, they can be especially difficult for many phishing detection engines to detect. Furthermore, these platforms typically require ...
- Colorado: Cyber attack hits Fremont County government
August 23, 2022
Fremont County government services are being impacted by a cyber attack that began last week. According to a Facebook post made by Fremont County Emergency Management, county officials became aware of the attack, which was impacting county government systems, on Wednesday, Aug. 17. An incident response team led by Fremont County Emergency Management and the Governor’s Office ...
- New Iranian APT data extraction tool
August 23, 2022
As part of TAG’s mission to counter serious threats to Google and our users, they’ve analyzed a range of persistent threats including APT35 and Charming Kitten, an Iranian government-backed group that regularly targets high risk users. For years, Google TAG have been countering this group’s efforts to hijack accounts, deploy malware, and their use of ...