Tag Archive for: Leave

Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks

/in


Apr 09, 2024NewsroomBotnet / Vulnerability

D-Link NAS Devices

Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices.

Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in an advisory, said it does not plan to ship a patch and instead urges customers to replace them.

“The vulnerability lies within the nas_sharing.cgi uri, which is vulnerable due to two main issues: a backdoor facilitated by hard-coded credentials, and a command injection vulnerability via the system parameter,” security researcher who goes by the name netsecfish said in late March 2024.

Cybersecurity

Successful exploitation of the flaws could lead to arbitrary command execution on the affected D-Link NAS devices, granting threat actors the ability to access sensitive information, alter system configurations, or even trigger a denial-of-service (DoS) condition.

The issues affect the following models –

  • DNS-320L
  • DNS-325
  • DNS-327L, and
  • DNS-340L

Threat intelligence firm GreyNoise said it observed attackers attempting to weaponize the flaws to deliver the Mirai botnet malware, thus making it possible to remotely commandeer the D-Link devices.

D-Link NAS Devices

In the absence of a fix, the Shadowserver Foundation is recommending that users either take these devices offline or have remote access to the appliance firewalled to mitigate potential threats.

Cybersecurity

The findings once again illustrate that Mirai botnets are continuously adapting and incorporating new vulnerabilities into their repertoire, with threat actors swiftly developing new variants that are designed to abuse these issues to breach as many devices as possible.

With network devices becoming common targets for financially motivated and nation-state-linked attackers, the development comes as Palo Alto Networks Unit 42 revealed that threat actors are increasingly switching to malware-initiated scanning attacks to flag vulnerabilities in target networks.

“Some scanning attacks originate from benign networks likely driven by malware on infected machines,”…

Source…

2024 Thales Data Threat Report Reveals Rise In Ransomware Attacks, As Compliance Failings Leave Businesses Vulnerable To…

/in


(MENAFN– AETOSWire) (BUSINESS WIRE ) — Thales today announced the release of the 2024 Thales Data Threat Report , its annual report on the latest data security threats, trends, and emerging topics based on a survey of nearly 3000 IT and security professionals in 18 countries across 37 industries. This year’s report found that 93% of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47% last year.

Threats continue to increase in volume and severity

The number of enterprises experiencing ransomware attacks surged by over 27% in the past year. Despite this escalating threat, less than half of organisations have a formal ransomware plan in place, with 8% resorting to paying the ransom demands.

Malware stands out as the fastest-growing threat of 2024, with 41% of enterprises witnessing a malware attack in the past year – closely followed by phishing and ransomware. Cloud assets, including SaaS applications, cloud-based storage, and cloud infrastructure management, remain the primary targets for such attacks.

The report shows that for a second year running, human error remains the leading cause of data breaches, with 31% of enterprises pinpointing this as the root cause.

These insights are drawn from the 2024 Thales Data Threat Report, conducted by 451 Research. The report sheds light on how businesses are adapting their data security strategies and practices in response to an evolving threat landscape.

Compliance is the key to data security

The research found that over two fifths (43%) of enterprises failed a compliance audit in the past twelve months – with the report highlighting a very clear correlation between compliance and data security.

Of those that had failed a compliance audit in the past twelve months, 31% had experienced a breach that very same year. This compares to just 3% of those who had passed compliance audits.

Operational complexity continues to cause data headaches

Fundamental understanding of what systems, applications, and data are at risk continue to lag due to changing regulatory and threat landscapes. Only a third (33%) of organisations are…

Source…

Botnets: The uninvited guests that just won’t leave

/in


Botnets have been in existence for nearly two decades. Yet despite being a longstanding and widely known threat, they still have the power to wreak havoc on an organization’s networks, and often do so successfully while evading detection. 

The majority of contemporary malware families have set up botnets for command and control (C2) connections. It stands to reason that the number of active botnets would grow in sync with the number of malware families and versions. When FortiGuard Labs researchers analyzed botnet activity during the first half of 2023, we saw there are more botnets currently active, inevitably increasing the chances that organizations will be impacted by this threat.

What’s more concerning, though, is that we observed an increase in dwell time: Botnets are lingering on networks longer than ever before being detected. This underscores the fact that reducing response time is critical because the longer organizations allow botnets to remain, the greater the damage and risk to the business.

Botnet activity and dwell time are on the rise

The number of active botnets grew in the first half of 2023, up 27% from the prior six-month period. We also saw a higher rate of botnet activity (+126%) among organizations when comparing those same periods. 

Botnets are like uninvited guests that just won’t leave.

The true eye-opener for botnet trends in the first half of this year is the sharp rise in the overall number of \”active days\”—the period between the start of a botnet\’s activity and the termination of its C2 communications. In comparison to measurements made at the beginning of 2018, this reveals a more than 1,000x rise, demonstrating that botnets have become more tenacious in the last five years.

As botnets are quick to adapt and broaden the variety of devices they can automatically infiltrate and control—including some devices that traditionally haven’t been closely inspected, such as IoT—there are more vulnerabilities and exploits than ever that botnets can leverage.

Take back control from the botnets

Reducing response time is vital. The longer the dwell time, the more likely it is that botnets can impact a…

Source…

Leave Less Tracks Online By Clearing Your Browsing History

/in


Our online activities leave a trail of data known as browsing history, containing records of the websites we visit, the searches we conduct, and the pages we interact with. It’s crucial to understand why clearing your browsing history is essential for safeguarding your privacy and online security, and exactly how to do it. Keep on reading for all the info.

Why you need to clear your browsing history

Here are three of the reasons why you need to regularly clear your browsing history:

To protect your sensitive info

Your browsing history contains a wealth of sensitive information. From login credentials to personal details entered on websites, this data would be immensely valuable to identity thieves, were it to fall into their hands. Clearing your browsing history regularly helps mitigate the risk of unauthorized access to your private information.

To take back control from advertisers

As you navigate the internet, your browsing history builds a profile of your interests. Advertisers and third parties may use this data to tailor ads and content specifically to you. By regularly clearing your browsing history, you stop them from being able to access information about your browsing preferences, allowing for a less intrusive online experience.

To enhance your online security

Stored cookies, which are bits of data that websites leave on your device, can potentially be exploited by cybercriminals. Clearing your browsing history eliminates these cookies, reducing the risk of unauthorized tracking and potential security vulnerabilities.

How to clear your browsing history

Below you will find instructions on how to clear your browsing history on desktop and mobile.

Chrome (desktop)

  1. Open Chrome and click on the three dots in the top-right corner.
  2. Select “History” > “History.”
  3. Click on “Clear browsing data” on the left sidebar.
  4. A pop-up window will appear. Choose the time range and select the types of information you want to delete.
  5. Click “Clear data.”

Edge (desktop)

  1. Open Edge and click on the three dots in the top-right corner.
  2. Select “History.”
  3. In the History pane that opens, click on the trash can icon.
  4. A pop-up window will appear….

Source…