Cyber Protection Operation Center

Cyberthreats and cybersecurity insights

Cyber Protection Operation Center

Vulnerabilities list

Most recent on Vulnerabilities list

13 December 2021 — 4 min read

Acronis

13 December 2021 — 4 min read

Critical Apache Log4j vulnerability discovered — here's what you need to know

Late last week, a critical zero-day vulnerability in the popular Java logging library Log4j surfaced when attackers were observed exploiting Minecraft servers via the game’s chat box. It has since become clear that the vulnerability in question poses perhaps the largest security threat we’ve seen in years.Details are still unfolding, but here’s what we know now.

10 August 2021 — 4 min read

Acronis

10 August 2021 — 4 min read

LockBit is recruiting employees to breach corporate networks

The ransomware arms race continues to thrive as LockBit gangs recruit corporate insiders to help them breach and encrypt networks, offering employees hefty payouts in exchange for their help. LockBit recently made news when they hit the UK’s Merseyrail this past April.

14 July 2021 — 5 min read

Acronis

14 July 2021 — 5 min read

Acronis protects customer’s server in REvil attack on Kaseya

The recent supply-chain attack on Kaseya by the REvil ransomware group impacted dozens of managed service providers (MSPs) who rely on Kaseya VSA, as well as thousands of small businesses that are managed by those MSPs. While the initial ransom demand was dropped from $70 million to $50 million, the pain and frustration of those targeted rose steadily during the incident.

29 May 2021 — 2 min read

Acronis

29 May 2021 — 2 min read

SolarWinds hackers launch new attacks, warns Microsoft

The Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale spear phishing campaign driven by Nobelium — the threat actors behind the recent SolarWinds attacks and the SUNBURST backdoor used in those strikes. Nobelium continues its attacks on U.S. agencies and the private organizations in their sphere. The group managed to hijack an email distribution account used by the United States Agency for International Development (USAID), sending thousands of authentic-looking but malware-laden messages to a variety of human rights groups, think tanks, and other organizations.

02 February 2021 — 4 min read

Acronis

02 February 2021 — 4 min read

Acronis Cyberthreats Report: 2021 is the “Year of Blackmail”

Autor: Peter Hale, Date: 2. December 2020 Those who do not learn anything from history are doomed to repeat it. Nobody wants to repeat 2020. Thus, the experts of our worldwide Acronis CPOC network (Cyber Protection Operation Centre) have summarized their research results and observations from the past year in the Acronis Cyberthreats Report 2020

20 January 2021 — 3 min read

Acronis

20 January 2021 — 3 min read

Malwarebytes targeted by cyberattack group that hit SolarWinds

You don’t have to work in cybersecurity to be aware of the recent discovery that a sophisticated state actor had potentially compromised tens of thousands of private companies and government institutions in the Americas, Europe, and the Middle East. The means was a software supply-chain: attackers breached the software distribution infrastructure of tech vendor SolarWinds, embedding malware in its popular Orion network management tool. When customers downloaded the latest Orion product update, the malware surreptitiously spread throughout their organizations, in many cases finding and forwarding sensitive data to external servers controlled by the attackers. Now comes news that SolarWinds was not the only victim of this Advanced Persistent Threat (APT) attack. Cybersecurity vendor Malwarebytes disclosed earlier this week that it had also been victimized by the same threat actors.

23 December 2020 — 7 min read

Acronis

23 December 2020 — 7 min read

Defending against supply chain attacks like the SolarWinds breach

The success of the massive SolarWinds supply-chain attack presents an urgent new cybersecurity challenge to every business. We plumb the tactics used in the SolarWinds breach and show how Acronis defends against it and similar attacks.

18 December 2020 — 4 min read

Acronis

18 December 2020 — 4 min read

Cyberthreat update from Acronis CPOCs: Week of December 14, 2020

Here at Acronis, we’re always monitoring for dangers to your data, deploying updates to handle newly-discovered vulnerabilities, and issuing alerts and recommendations to help you stay protected. Our global network of Acronis Cyber Protection Operations Centers (CPOCs) continue to work around the clock to proactively detect and defend against the latest cyberthreats.

15 December 2020 — 2 min read

Acronis

15 December 2020 — 2 min read

Acronis Security Advisory: SUNBURST breaches SolarWinds’ Orion software to launch supply-chain attack

Following reports that SolarWinds’ Orion business software was compromised and used in a supply-chain attack by SUNBURST malware. The distributed malware then used elevated credentials gained by compromising network traffic management systems to target FireEye, a cybersecurity firm, and several U.S. government agencies. Details of the attack are available from the Cybersecurity and Infrastructure Security Agency (CISA). While not affected by this event, Acronis wants to reassure partners and customers that we have a strict, secure software development life cycle (SDLC) in place, which we continuously strengthen, to ensure our solutions are safe, secure, and reliable.

29 October 2020 — 4 min read

Acronis

29 October 2020 — 4 min read

FBI warns of large-scale ransomware threat to the U.S. healthcare industry

The threat of a large-scale ransomware attack once again grabbed headlines in the mainstream press as the U.S.’s Federal Bureau of Investigations, Department of Homeland Security, and Department of Health and Human Services warned that cybercriminals were targeting American healthcare providers. The alert, which was issued Wednesday, warned that there was “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers” focused on “data theft and disruption of healthcare services.” The warning comes as hospitals, medical facilities, and healthcare workers around the country are faced with spiking cases of COVID-19. The timing is no accident, as cybercriminals are leveraging the need for these healthcare providers to have access to their data and systems.

09 September 2020 — 6 min read

Acronis

09 September 2020 — 6 min read

Acronis Cyber Readiness Report: Pandemic reveals cybersecurity gaps, need for new solutions

The newly released Acronis Cyber Readiness Report reveals that organizations continue to struggle to protect their data and infrastructure against the new challenges of the remote work landscape. It also also underscored how new solutions are required – with 92% of surveyed companies reporting they had to adopt new technologies to enable remote work, including workplace collaboration tools, privacy solutions, and endpoint cybersecurity.

13 August 2020 — 5 min read

Acronis

13 August 2020 — 5 min read

Top cyberthreat against macOS now installs adware with a Python script

The first examples of the Shlayer malware family were discovered in February 2018. Since then, it has become the most popular macOS first-stage trojan-downloader.