Tag Archive for: Thousands

New Mexico institutions pay out thousands to recover from ransomware

/in


You’ve likely heard about ransomware before. It’s malware that hackers can use to seize control of computers, and then they demand money to give that access back.

ALBUQUERQUE, N.M. — You’ve likely heard about ransomware before. It’s malware that hackers can use to seize control of computers, and then they demand money to give that access back.

Emergency procurement documents show New Mexico Highlands University recently had to pay out around $80,000 to get help recovering from an attack.

The New Mexico Administrative Office of the District Attorneys was also hit, and they had to pay around $60,000. That money went to hiring an expert to help them recover data without paying a ransom, and to figure out how the hackers go into the system in the first place.

“They’re attacking different organizations and using those attacks in different ways,” said Lorie Liebrock, director of the New Mexico Cybersecurity Center of Excellence. “So for some organizations, they’re using it to collect ransom because they’re forcing the person they’ve attacked, the company they’ve attacked, by saying, you’re going to have to report this legally. We’ve got you over a barrel, because if you don’t pay us, we’re going to out you. You didn’t report something.”

Liebrock says anytime you have a large digital data set, you’re far more likely to be a target for hackers. She says there is federal funding available through the State and Local Cybersecurity Grant Program to help states improve their cybersecurity.

Source…

Critical D-Link Security Flaws Leaves Thousands Of These Storage Devices Vulnerable To Hacks

/in


end of life d link nas vulnerability allow code execution

End-of-life hardware can be quite the problem at times, even crashing back into Earth’s atmosphere at supersonic speeds for that matter. Of course, we wouldn’t expect such travesties happening with the hardware you keep in your basement, or that NAS you tucked away your closet. However, older tech gear can have serious security vulnerabilities that might not get patched due to its end-of-life status with the manufacturer. This is precisely what some D-Link networked attached storage (NAS) owners are finding out after a critical vulnerability was discovered, affecting up to 10s of thousands of devices still connected to the internet.

Roughly two weeks ago, researchers discovered a chain of vulnerabilities in several D-Link NAS devices including “DNS-340L, DNS-320L, DNS-327L, and DNS-325, among others.” The issues live with nas_sharing.cgi, which has a backdoor thanks to hardcoded credentials and command injection through the system parameter. These combined would allow for arbitrary code execution on the afflicted devices, allowing an attacker access to information, denial of service, or otherwise.

92k end of life d link nas vulnerability allow code execution

According to the researchers with NetSecFish, up to 92,000 D-Link devices are exposed to the internet and vulnerable to attackers. Shodan shows that there are significantly fewer exposed devices and fewer still that are tagged as end-of-life. Regardless, in response to the vulnerabilities, D-Link posted a notice explaining that the “exploit affects a legacy D-Link products and all hardware revisions, which have reached their End of Life (“EOL”)/End of Service Life (“EOS”) Life-Cycle.” As such, the recommendation for affected systems is to retire or replace them, as there will not be an update coming from the company.

Of course, you can also always ensure that the NAS devices are not exposed to the internet and simply use them internally, but there’s no guarantee that your data is safe. Thus, we would also recommend upgrading your storage server to something more current (16TB Buffalo NAS), to help prevent these types of security issues.

Source…

Unjected Data Breach: Security Lapse Exposes Thousands of User Accounts

/in


Unjected, the controversial anti-vaccine dating platform, faces another bout of scrutiny as a recent security breach exposes the private data of over 35,000 users. 

The latest security problem, discovered by security researcher GeopJr, tackles alarming vulnerabilities within the platform’s infrastructure. It could compromise user privacy and safety.

Unjected Hit by a Glitch

Unjected Data Breach: Security Lapse Exposes Thousands of User Accounts

(Photo : Mufid Majnun from Unsplash) 

Unjected, a popular website that promotes anti-vaccine campaigns is now under attack by a glitch. The latest security issue exposes confidential information of some users.


GeopJr’s investigation reveals critical flaws in Unjected’s security measures, allowing unauthorized access to sensitive user information. The breach exposes personal details, including full names, birthdates, email addresses, and location data of thousands of users. Moreover, authentication issues enable malicious actors to manipulate user profiles and access private messages exchanged on the platform.

Related Article: Issue-Plagued AirPower Charges Apple Watch For the First Time: Is this an Upgraded Prototype?

History of Security Concerns

This isn’t the first time Unjected has faced security-related controversies. In July 2022, GeopJr uncovered an open administrator dashboard, granting unauthorized access to crucial site functionalities. Despite attempts to rectify the issue, subsequent glitches and outages persisted, raising concerns among users regarding data protection.

Persistent Security Lapses

Despite being alerted to the security vulnerabilities by GeopJr and the Daily Dot, Unjected has failed to address the issues adequately. Efforts to patch the leak inadvertently exacerbated the situation, introducing additional vulnerabilities, including unauthorized account deactivation.

User Concerns and Insecurity

The breach has left users apprehensive about their privacy and safety on the platform. Direct messages reveal widespread distrust and unease among users regarding Unjected’s security practices. Concerns range from potential government surveillance to fears of hacking and data exploitation.

Response and Lack of Transparency

Blackbaud Must Improve its Poor Security, Data Retention Practices to Avoid Future Breaches, Says FTC

(Photo :…

Source…

Thousands of Asus routers taken over by malware to form new proxy service

/in


Thousands of old, outdated Asus routers are being targeted by a new version of “TheMoon” malware botnet, turning them into a network of devices used by a criminal residential proxy service.

Researchers from Black Lotus Labs claim the campaign started in early March 2024 and within 72 hours, compromised roughly 6,000 Asus routers. 

Source…