FBI: Avoslocker ransomware targets US critical infrastructure
The Federal Bureau of Investigation (FBI) warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors. [...]
Security warnings identify potential threats, unsafe configurations, or urgent weaknesses so organizations can assess risk and take protective action.
Search across headline titles and summaries.
Background for this topic.
Warning is a notification that a security-relevant condition may require attention, such as a newly disclosed vulnerability, suspicious authentication activity, malicious campaign, unsafe configuration, or deceptive message. In security news, the term commonly covers public advisories and threat-intelligence notices as well as operational alerts generated by defensive systems; it does not by itself prove that an attack or compromise has occurred.
Practitioners should assess the warning’s source, affected products or environments, evidence, severity, exploitability, and recommended action. Vulnerability warnings may require identifying exposed assets, applying a fix or mitigation, and checking for exploitation; campaign warnings may provide indicators for detection and investigation. Alerts should be triaged against logs and other evidence, with significant findings routed into incident response. Because attackers can imitate urgent security notices, recipients should verify requests and access instructions through trusted channels, while excessive or poorly tuned alerts can create fatigue and obscure genuinely important signals.
The Federal Bureau of Investigation (FBI) warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors. [...]
Multiple ASUS router models are vulnerable to the Russia-linked Cyclops Blink malware threat, causing the vendor to publish an advisory with mitigations for the security risk. [...]
The European Union Aviation Safety Agency (EASA), EU's air transport safety and environmental protection regulator, warned today of intermittent outages affecting Global Navigation Satellite Systems (GNSS) linked to the Russian invasion of Ukraine. [...]
SolarWinds warned customers of attacks targeting Internet-exposed Web Help Desk (WHD) instances and advised removing them from publicly accessible infrastructure (likely to prevent the exploitation of a potential security flaw). [...]
The FBI says Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default multifactor authentication (MFA) protocols. [...]
Ukraine's Computer Emergency Response Team is warning that threat actors are distributing fake Windows antivirus updates that install Cobalt Strike and other malware. [...]
Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by a high severity Linux vulnerability dubbed 'Dirty Pipe' that allows attackers with local access to gain root privileges. [...]