Tag Archive for: Severe
CloudNordic Faces Severe Data Loss After Ransomware Attack
CloudNordic, a prominent Danish cloud provider, has suffered a severe ransomware attack that struck on August 18. This attack resulted in a complete shutdown of the company’s servers and infrastructure, leading to operational chaos.
- Ransomware Hit CloudNordic: Danish cloud provider CloudNordic fell victim to a ransomware attack on August 18, causing a complete shutdown of its systems and affecting customer data.
- Data Loss Warning: CloudNordic informed clients of likely data loss after the attack. Customer websites and email systems were compromised, intensifying the impact.
- No Ransom Payment: CloudNordic refuses to pay ransom to hackers, even as data loss affects many customers.
- System Transition Flaw: Vulnerabilities in system transfer let ransomware infiltrate CloudNordic’s servers, allowing attackers access to admin and backup systems.
- Recovery Challenges: CloudNordic struggles to restore services and data. Customers are advised to seek alternatives to minimize downtime. Hope remains that data wasn’t stolen.
CloudNordic, a well-known Danish cloud provider, is grappling with a major setback after falling victim to a crippling ransomware attack. The company has informed its clientele that they should brace for a complete data loss, as their systems remain paralyzed in the aftermath of the attack.
The cyber assault struck CloudNordic in the early hours of August 18, causing a catastrophic shutdown of the company’s servers and wiping out not only their internal infrastructure but also compromising their customers’ websites and email systems. The incident has left CloudNordic in a state of chaos, struggling to recover from the damage inflicted by the ransomware attack.
In a translated statement, CloudNordic conveyed, “We cannot and do not want to meet the financial demands of the criminal hackers for ransom.” The company expressed its commitment to not capitulating to the attackers’ monetary demands. However, it’s a grim reality that the majority of customers have already lost their data due to the attack.
The cyberattack has exposed the vulnerabilities in CloudNordic’s system transition. Suspecting that the ransomware infiltrated during the…
CISA urged to add 8 severe ransomware bugs to vulnerability catalog
Researchers found that eight of the 131 vulnerabilities associated with ransomware not yet listed in a federal catalog meant to help the cybersecurity community are considered “most dangerous” because they could be easily exploited from initial access to exfiltration.
A ransomware report from Cyber Security Works, Ivanti, Cyware, and Securin warned organizations not to ignore vulnerabilities that have yet to be added to the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities catalog (KEV), especially those with complete MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) kill chains where each stage of an attack can be defined, described, and tracked by attackers.
According to the report, researchers identified 57 extremely dangerous ransomware-associated vulnerabilities with complete kill chains, eight of which are excluded in the KEV. These eight bugs are found in over 30 products, including products by Microsoft, Oracle, Zyxel, and QNAP.
The Ivanti research team highlighted that bugs (CVE-2016-10401, CVE-2017-6884) in Zyxel, a subsidiary of a Taiwanese multinational broadband provider Unizyx Holding is particularly notable because of the nation-state and global threat actor focusing on Taiwan. Additionally, these are old vulnerabilities discovered in 2016 and 2017, yet do not have a patch.
Srinivas Mukkamala, chief product officer at Ivanti, told SC Media that the research team has reached out to CISA to recommend including all of the severe vulnerabilities to its KEV catalog.
CISA has yet to respond to SC Media’s inquiry on whether it will add them, or if they plan to do so.
CISA published the KEV catalog in November 2021 to help organizations manage vulnerabilities and prioritize remediation for free. It started with 287 vulnerabilities and it is now a repository of 866 CVEs.
Mukkamala said all researchers should actively collaborate with CISA and contribute to expanding the KEV catalog.
“KEV is the authoritative source of exploited vulnerabilities. We benefit from this best service without having to pay for it. So as defenders, why don’t we give back by sharing our knowledge and information with CISA?” he…
One-Fifth of Software Has a Severe Security Flaw
Nearly a fifth of software scanned during the past year has a serious security flaw, according to a new report from application security company Veracode, released this morning.
The study draws on scans of 759,000 applications that Veracode customers conducted with the company’s platform during the past 12 months. Overall, 74 percent of the scanned applications had at least one flaw, and 19 percent had an issue deemed “high or critical severity.” The report defined a flaw as “an implementation defect that can lead to a vulnerability.”
“When you download an application onto your computer, almost 20 percent of the time you’re getting a high-risk [flaw] that at some point in the future will eventually be discovered and a patch will probably be issued,” Veracode CTO and founder Chris Wysopal told Government Technology.
The high portion of software bearing flaws is not unusual — such figures align with Veracode’s findings from previous years, Wysopal said.
Even so, the figures may be an undercount, said the company’s chief research officer, Chris Eng. The report only captures data about software that Veracode customers deemed important enough to scan. Any issues in lower-priority applications would not be reflected.
“There are all the applications that are not business critical enough — or they don’t have scanning in their budget, or for whatever reasons there’s not visibility at this level — they’re not being scanned at all, perhaps,” Eng said. “They’re generating even more security attack vectors than these ones are.”
SOFTWARE LIFE CYCLE: THE 4-YEAR MARK
Fixing flaws isn’t a one-and-done affair, and applications need active maintenance, but they aren’t always getting that throughout their life cycles, the report found.
Organizations appear to more readily address vulnerabilities in new software, according to the report. Roughly 30 percent of applications showed flaws when first scanned. But ensuing scans made “shortly after” turned up issues in only 22 percent, suggesting organizations acted to fix the problems. Similarly, a Veracode press release states that “nearly 80 percent…