A threat actor has been exploiting a zero-day vulnerability in FatPipe’s virtual private network (VPN) devices as a way to breach companies and gain access to their internal networks, since at least May, the FBI has warned. (By Lisa Vaas, Threatpost)
CISA, the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) have released a joint Cybersecurity Advisory highlighting ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, CISA, ACSC, and NCSC assess is associated with the government of Iran. (By CISA)
Emotet is a modular banking trojan that also functions as a downloader of other trojans and malware/ransomware. In January 2021, law enforcement and judicial authorities worldwide moved together to perform a global takedown of the Emotet botnet, and in April 2021 they performed a coordinated, widespread uninstall of the malware from infected machines via a module they propagated in January, effectively crippling the botnet. (By Zeljka Zorz, Help Net Security)
SonicWall recorded a 148% increase in global ransomware attacks through the third quarter (Q3) of 2021. With 470 million ransomware attacks logged by the company this year to date, 2021 will be the most costly and dangerous year on record. (By Help Net Security)
Security experts keep telling people that they need to use strong and complex passwords to protect themselves and their online information. But despite the advice, too many users continue to rely on weak and simple passwords that require virtually no time to crack. (By Lance Whitney, TechRepublic)