Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.
Read more…
Source: TechCrunch News
Related:
- DDoS attackers have found this new trick to knock over websites
March 2, 2022
Distributed denial of service (DDoS) attackers are using a new technique to knock websites offline by targeting vulnerable ‘middleboxes’, such as firewalls, to amplify junk traffic attacks. Amplification attacks are nothing new and have helped attackers knock over servers with short busts of traffic as high as 3.47 Tbps. Microsoft last year mitigated attacks on this ...
- Hackers Become the Hacked: Anonymous’ Site Taken Down Following Declaration of ‘Cyberwar’ on Russia
March 1, 2022
The Anonymous hacker collective began attacking the Russian segment of the internet Friday in connection with the situation in Ukraine, targeting websites of Russian businesses, media, the military and various government agencies. A hacking group called Killnet claims to have brought down a key website affiliated with Anonymous, as well as the neo-Nazi Ukrainian Right Sector ...
- Second data-wiping malware found in Ukraine, says ESET
March 1, 2022
The disk-wiping malware that tore through at least hundreds of Ukrainian Windows systems at the start of Russia’s occupation wasn’t alone. Slovakian infosec firm ESET has found a second similar strain in Ukraine. “Malware artefacts suggest that the attacks had been planned for several months,” said the biz. Last week, as the Russian armed forces invaded ...
- Insurance giant AON hit by a cyberattack over the weekend
February 28, 2022
Professional services and insurance giant AON has suffered a cyberattack that impacted a “limited” number of systems. AON is a multinational professional services firm offering a wide array of solutions, including business insurance, reinsurance, cybersecurity consulting, risk solutions, healthcare insurance, and wealth management products. AON generated $12.2 billion of revenue in 2021 and has approximately 50,000 employees ...
- Manufacturing is the most targeted sector by ransomware in Brazil
February 28, 2022
According to a report published by IBM on security threats in Latin America, companies from the manufacturing sector are feeling the greatest impact of attacks orchestrated by ransomware gangs. Ransomware, corporate email compromise, and credential harvesting together brought bring sector companies to a standstill in Latin America in 2021, further straining supply chains, the X-Force Threat ...
- Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks
February 28, 2022
New research by the Symantec Threat Hunter team, part of Broadcom Software, has uncovered a highly sophisticated piece of malware being used by China-linked threat actors, exhibiting technical complexity previously unseen by such actors. The malware appears to be used in a long-running espionage campaign against select governments and other critical infrastructure targets. There is strong ...