Acronis Cyber Protection Center

Cyberthreats and cybersecurity insights
Acronis Blog →
Covers information to help protect your data
Acronis BlogAcronis Cyber Protection Center
Vulnerabilities list

Most recent on Vulnerabilities list

Select
December 13, 2021 — 4 min read
Acronis
December 13, 2021 — 4 min read
Critical Apache Log4j vulnerability discovered — here's what you need to know
Late last week, a critical zero-day vulnerability in the popular Java logging library Log4j surfaced when attackers were observed exploiting Minecraft servers via the game’s chat box. It has since become clear that the vulnerability in question poses perhaps the largest security threat we’ve seen in years.Details are still unfolding, but here’s what we know now.
Explore in detail
Malware analysisIncident reportsIndustry insightsSolutions and technologiesClient educationTips and tricksVulnerabilities listNews archiveBrowse all stories
August 10, 2021 — 4 min read
Acronis
August 10, 2021 — 4 min read
LockBit is recruiting employees to breach corporate networks
The ransomware arms race continues to thrive as LockBit gangs recruit corporate insiders to help them breach and encrypt networks, offering employees hefty payouts in exchange for their help. LockBit recently made news when they hit the UK’s Merseyrail this past April.
July 14, 2021 — 5 min read
Acronis
July 14, 2021 — 5 min read
Acronis protects customer’s server in REvil attack on Kaseya
The recent supply-chain attack on Kaseya by the REvil ransomware group impacted dozens of managed service providers (MSPs) who rely on Kaseya VSA, as well as thousands of small businesses that are managed by those MSPs. While the initial ransom demand was dropped from $70 million to $50 million, the pain and frustration of those targeted rose steadily during the incident.
May 29, 2021 — 2 min read
Acronis
May 29, 2021 — 2 min read
SolarWinds hackers launch new attacks, warns Microsoft
The Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale spear phishing campaign driven by Nobelium — the threat actors behind the recent SolarWinds attacks and the SUNBURST backdoor used in those strikes. Nobelium continues its attacks on U.S. agencies and the private organizations in their sphere. The group managed to hijack an email distribution account used by the United States Agency for International Development (USAID), sending thousands of authentic-looking but malware-laden messages to a variety of human rights groups, think tanks, and other organizations.
January 20, 2021 — 3 min read
Acronis
January 20, 2021 — 3 min read
Malwarebytes targeted by cyberattack group that hit SolarWinds
You don’t have to work in cybersecurity to be aware of the recent discovery that a sophisticated state actor had potentially compromised tens of thousands of private companies and government institutions in the Americas, Europe, and the Middle East. The means was a software supply-chain: attackers breached the software distribution infrastructure of tech vendor SolarWinds, embedding malware in its popular Orion network management tool. When customers downloaded the latest Orion product update, the malware surreptitiously spread throughout their organizations, in many cases finding and forwarding sensitive data to external servers controlled by the attackers. Now comes news that SolarWinds was not the only victim of this Advanced Persistent Threat (APT) attack. Cybersecurity vendor Malwarebytes disclosed earlier this week that it had also been victimized by the same threat actors.
December 23, 2020 — 7 min read
Acronis
December 23, 2020 — 7 min read
Defending against supply chain attacks like the SolarWinds breach
The success of the massive SolarWinds supply-chain attack presents an urgent new cybersecurity challenge to every business. We plumb the tactics used in the SolarWinds breach and show how Acronis defends against it and similar attacks.
December 18, 2020 — 4 min read
Acronis
December 18, 2020 — 4 min read
Cyberthreat update from Acronis CPOCs: Week of December 14, 2020
Here at Acronis, we’re always monitoring for dangers to your data, deploying updates to handle newly-discovered vulnerabilities, and issuing alerts and recommendations to help you stay protected. Our global network of Acronis Cyber Protection Operations Centers (CPOCs) continue to work around the clock to proactively detect and defend against the latest cyberthreats.
December 15, 2020 — 2 min read
Acronis
December 15, 2020 — 2 min read
Acronis Security Advisory: SUNBURST breaches SolarWinds’ Orion software to launch supply-chain attack
Following reports that SolarWinds’ Orion business software was compromised and used in a supply-chain attack by SUNBURST malware. The distributed malware then used elevated credentials gained by compromising network traffic management systems to target FireEye, a cybersecurity firm, and several U.S. government agencies. Details of the attack are available from the Cybersecurity and Infrastructure Security Agency (CISA). While not affected by this event, Acronis wants to reassure partners and customers that we have a strict, secure software development life cycle (SDLC) in place, which we continuously strengthen, to ensure our solutions are safe, secure, and reliable.
December 2, 2020 — 4 min read
Acronis
December 2, 2020 — 4 min read
Acronis Cyberthreats Report: 2021 will be the “Year of Extortion”
They say those who don’t learn from history are doomed to repeat it – and no one wants to repeat 2020. That’s why, as the end of the year approaches, the experts at our global network of Acronis Cyber Protection Operations Centers (CPOCs) have gathered their research, findings, and observations from the past year to create the Acronis Cyberthreats Report 2020.
October 29, 2020 — 4 min read
Acronis
October 29, 2020 — 4 min read
FBI warns of large-scale ransomware threat to the U.S. healthcare industry
The threat of a large-scale ransomware attack once again grabbed headlines in the mainstream press as the U.S.’s Federal Bureau of Investigations, Department of Homeland Security, and Department of Health and Human Services warned that cybercriminals were targeting American healthcare providers. The alert, which was issued Wednesday, warned that there was “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers” focused on “data theft and disruption of healthcare services.” The warning comes as hospitals, medical facilities, and healthcare workers around the country are faced with spiking cases of COVID-19. The timing is no accident, as cybercriminals are leveraging the need for these healthcare providers to have access to their data and systems.
September 9, 2020 — 5 min read
Acronis
September 9, 2020 — 5 min read
Acronis Cyber Readiness Report: Pandemic reveals cybersecurity gaps, need for new solutions
The newly released Acronis Cyber Readiness Report reveals that organizations continue to struggle to protect their data and infrastructure against the new challenges of the remote work landscape. It also also underscored how new solutions are required – with 92% of surveyed companies reporting they had to adopt new technologies to enable remote work, including workplace collaboration tools, privacy solutions, and endpoint cybersecurity.
August 13, 2020 — 5 min read
Acronis
August 13, 2020 — 5 min read
Top cyberthreat against macOS now installs adware with a Python script
The first examples of the Shlayer malware family were discovered in February 2018. Since then, it has become the most popular macOS first-stage trojan-downloader.