Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.
Read more…
Source: TechCrunch News
Related:
- Team of experts help Rutube to recover from the May 9 cyberattack
May 11, 2022
Rutube involved several expert teams, including a team of specialists from Positive Technologies security center, to deal with the aftermath of the May 9 cyberattack, the website said in its Telegram channel. “In order to investigate the attack and deal with its aftermath, several expert teams were involved, including a team of specialists from the Positive ...
- U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors
May 10, 2022
CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United States assesses Russia launched cyberattacks in late February against commercial satellite communications networks to disrupt Ukrainian ...
- Examining the Black Basta Ransomware’s Infection Routine
May 9, 2022
Black Basta, a new ransomware gang, has swiftly risen to prominence in recent weeks after it caused massive breaches to organizations in a short span of time. On April 20, 2022, a user named Black Basta posted on underground forums known as XSS.IS and EXPLOIT.IN to advertise that it intends to buy and monetize corporate network ...
- Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
May 9, 2022
The security landscape has become increasingly challenging and complex for our customers. Threats have grown at an alarming rate over the last year, and cybercrime is now expected to cost the world USD10.5 trillion annually by 2025, up from USD3 trillion a decade ago and USD6 trillion in 2021.1 As attacks increase in scale, so must ...
- Ukraine warns of “chemical attack” phishing pushing stealer malware
May 9, 2022
Ukraine’s Computer Emergency Response Team (CERT-UA) is warning of the mass distribution of Jester Stealer malware via phishing emails using warnings of impending chemical attacks to scare recipients into opening attachments. As the war between Russia and Ukraine continues, the threat of escalation in using more lethal weapons remains a concern. Ukrainians live under this constant fear, ...
- It costs just $7 to rent DCRat to backdoor your network
May 9, 2022
A budget-friendly remote access trojan (RAT) that’s under active development is selling on underground Russian forums for about $7 for a two-month subscription, according to BlackBerry researchers today. The backdoor Windows malware, dubbed DCRat or DarkCrystal RAT, was released in 2018, then redesigned and relaunched the following year. An individual who goes by the handles boldenis44, ...