many parts make the whole
A novel VPN attack being called TunnelVision is able to force encrypted VPN traffic to route outside of the secure tunnel, potentially allowing a bad actor to intercept communication thought to be encrypted and secure. According to researchers the vulnerability may have existed since as early as 2002. The attack does not appear to effect … Read More “NOVEL VPN ATTACK FORCES TRAFFIC OUTSIDE OF ENCRYPTED TUNNEL” »
In a recent court case Marriott has revealed that it was actually securing data using SHA-1 and not the more secure AES-128 encryption algorithm. Marriott was arguing that the encryption they were using was so strong the case against them should have been dismissed, however they recently revealed they were actually using SHA-1 at the … Read More “MARRIOTT ADMITS IT FALSELY CLAIMED IT WAS USING ENCRYPTION” »
A state-sponsored threat actor group has apparently leveraged two zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) to gain access to government systems and conduct espionage. Cisco is calling the campaign ArcaneDoor and based on the sophistication of the attacks their security division, Talos, believes it to be a state-sponsored group they are calling UAT4356. … Read More “ZERO-DAY VULNERABILITY IN Cisco Adaptive Security Appliances ALLOWS ACCESS TO GOVERNMENT NETWORKS – ArcaneDoor” »
Frontier Communications was forced to shut down some of their IT systems following a cyberattack to prevent threat actors from laterally moving through their network. Attackers did have access to PII data but it is not clear if that data was related to employees or clients. The company is saying the attack did not disrupt … Read More “FRONTIER COMMUNICATIONS SHUTS DOWN SERVICES DUE TO CYBERATTACK” »
Researchers at the University of Illinois Urbana-Champaign have found that OpenAI’s Chat GPT-4 is capable of producing working exploits for most public vulnerabilities simply by reading about them in CVEs and other online sources. They tested the agent on known vulnerabilities with High or Sever CVE scores effecting Python packages, websites, containers and other bugs. … Read More “MOST VULNERABILITIES CAN BE EXPLOITED BY GPT-4 BY READING THREAT ADVISORIES” »
A vulnerability exists that could allow a bad actor to bypass authentication and gain admin access to Delinea Secret Server which is a Privileged Access Management solution. Attackers could potentially extract secrets. The vulnerability exists in the Secret Server SOAP API. Information on the vulnerability and a PoC are already available from a blog post … Read More “CRITICAL VULNERABILITY IN Delinea Secret Server ALLOWS AUTH BYPASS” »
Evan Boehs has provided a detailed analysis and timeline of the xz Utils backdoor. Evan has gone in detail into the why of the compromise, how the threat actor leveraged the culture of the open source software community to gain the trust and experience needed to attempt rolling a malicious backdoor out to a very … Read More “ADDITIONAL ANALYSIS ON THE xz Utils BACKDOOR” »
Malicious code has been detected in xz Utils that appears to be intended to create a backdoor in sshd. xz Utils is a common compression utility used in many Linux distros including Debian and Red Hat. according to a researcher from Analygence the malicious versions of xz Utils were not added to production versions of … Read More “BACKDOOR IN WIDELY USED Linux UTILITY TARGETS SSH CONNECTIONS” »
In the wake of an attack on Change Healthcare UnitedHealth Group has paid out over $2 billion to help effected health-care providers. Change Healthcare handles prescriptions and billing for more than 67,000 pharmacies in the U.S. A ransomware attack beginning February 21st caused widespread outages to hospitals and pharmacies across the U.S. Change Healthcare took … Read More “UnitedHealth Group HAS PAID OVER $2 BILLION FOLLOWING CYBERATTACK” »
The big news this past week was a ransomware attack against MGM Resorts and Caesar’s Entertainment. The attacks have both been attributed to ALPHV and apparently Caesar’s quickly paid the ransom, (which may have been tens of millions according to bloomberg), while MGM seems to have refused to pay up and is still having issues … Read More “MGM AND CAESARS RANSOMWARE ATTACKS” »