Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.
Read more…
Source: TechCrunch News
Related:
- Dutch supermarkets run out of cheese after ransomware attack
April 12, 2021
A ransomware attack against conditioned warehousing and transportation provider Bakker Logistiek has caused a cheese shortage in Dutch supermarkets. Bakker Logistiek is one of the largest logistics services providers in the Netherlands, offering air-conditioned warehousing and food transportation for Dutch supermarkets. Last week, Bakker Logistiek suffered a ransomware attack that encrypted devices on their network and disrupted ...
- New survey report released: The state of industrial cybersecurity (Part 3)
April 12, 2021
This is the final installation of our three-part blog series, explaining the state of industrial cybersecurity based on the result of survey Trend Micro conducted in the US, Germany and Japan in November 2021. Part 1: Converging IT and OT with people, process and technology Part 2: Most factories have already implemented technical measures but are still ...
- Critical security alert: If you haven’t patched old Fortinet VPN vulnerability, assume your network is compromised
April 12, 2021
Cyber criminals and nation-state cyber-espionage operations are actively scanning for unpatched vulnerabilities in Fortinet VPNs; organisations that use Fortigate firewalls on their network, and have yet to apply a critical security update released almost two years ago, should assume they’ve been compromised and act accordingly. The alert from the National Cyber Security Centre (NCSC) follows a ...
- IcedID Circulates Via Web Forms, Google URLs
April 12, 2021
Website contact forms and Google URLs are being used to spread the IcedID trojan, according to researchers at Microsoft. Attackers are using “contact us” forms on websites to send emails targeting organizations with trumped-up legal threats, researchers said. The messages consistently mention a copyright infringement by a photographer, illustrator or designer, and they contain a link ...
- 623M Payment Cards Stolen from Cybercrime Forum
April 9, 2021
The Swarmshop cyber-underground “card shop” has been hit by hackers, who lifted the site’s database of stolen payment-card data and leaked it online. That’s according to researchers at Group-IB, who said that the database was posted on a rival underground forum. Card shops, are online cybercriminal forums where stolen payment-card data is bought and sold. Researchers said ...
- Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware
April 9, 2021
More than a year after Operation DRBControl, a campaign by a cyberespionage group that targets gambling and betting companies in Southeast Asia, we found evidence that the Iron Tiger threat actor is still interested in the gambling industry. This blog details how Iron Tiger threat actors have updated their toolkit with an updated SysUpdate malware variant ...