Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.
Read more…
Source: TechCrunch News
Related:
- Threat landscape for industrial automation systems. Statistics for H2 2020
March 25, 2021
There is no longer a downward trend in the percentage of ICS computers on which malicious objects were blocked. Starting with the second half (H2) of 2019, we observed a decline in the percentages of ICS computers on which malicious objects were blocked. This was observed in industrial control systems (ICS) as well as in corporate ...
- Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech
March 25, 2021
In April 2020, we reported on a large influx of COVID-19 themed phishing attacks starting in February 2020. With March 2021 marking the one-year anniversary that the World Health Organization declared COVID-19 a pandemic, we revisited the phishing trends we observed in the past year to gain deeper insight into the various COVID-related topics that ...
- Ransomware attack halts production at IoT maker Sierra Wireless
March 23, 2021
A multinational manufacturer of Internet of Things (IoT) devices has halted production after falling victim to a ransomware attack. Canadian IoT maker Sierra Wireless says it suffered a ransomware attack against its internal IT systems on March 20, which has led to production being halted at its manufacturing sites. Internal operations have also been disrupted by ...
- Ransomware gang leaks data stolen from Colorado, Miami universities
March 23, 2021
Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group. Starting in December, threat actors affiliated with the Clop ransomware operation began targeting Accellion FTA servers and stealing the data stored on them. Companies use these servers to share ...
- Energy Giant Shell Is Latest Victim of Accellion Attacks
March 23, 2021
Energy giant Royal Dutch Shell is the latest victim of a series of attacks on users of the Accellion legacy File Transfer Appliance (FTA) product, which already has affected numerous companies and been attributed to the FIN11 and the Clop ransomware gang. “Shell has been impacted by a data-security incident involving Accellion’s File Transfer Appliance,” the ...
- Purple Fox malware worms its way into exposed Windows systems
March 23, 2021
Purple Fox, a malware previously distributed via exploit kits and phishing emails, has now added a worm module that allows it to scan for and infect Windows systems reachable over the Internet in ongoing attacks. The malware comes with rootkit and backdoor capabilities, was first spotted in 2018 after infecting at least 30,000 devices, and is ...