• @foggy
    link
    English
    328 months ago

    Dude something fucking wild is brewing in cyber warfare. I can feel it in my news feed.

    • @[email protected]
      link
      fedilink
      English
      23
      edit-2
      8 months ago

      April has been wild so far, like 4 high profile vulnerabilities:

      • xz - mostly impacted ssh
      • Windows batch files
      • php via glibc
      • GitHub malware hosting

      And now this. I’m probably missing some as well.

      • @[email protected]
        link
        fedilink
        English
        158 months ago

        Yep, you forgot Palo Alto’s GlobalProtect telemetry allowing for remote code execution. A perfect 10.

    • @HootinNHollerin
      link
      English
      1
      edit-2
      8 months ago

      China and Russia preparing to strike when election turmoil is ripe

  • AutoTL;DRB
    link
    fedilink
    English
    118 months ago

    This is the best summary I could come up with:


    Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Cisco firewalls in a five-month-long campaign that breaks into government networks around the world, researchers reported Wednesday.

    These devices are ideal targets because they sit at the edge of a network, provide a direct pipeline to its most sensitive resources, and interact with virtually all incoming communications.

    Those characteristics, combined with a small cast of selected targets all in government, have led Talos to assess that the attacks are the work of government-backed hackers motivated by espionage objectives.

    “Our attribution assessment is based on the victimology, the significant level of tradecraft employed in terms of capability development and anti-forensic measures, and the identification and subsequent chaining together of 0-day vulnerabilities,” Talos researchers wrote.

    “Regardless of your network equipment provider, now is the time to ensure that the devices are properly patched, logging to a central, secure location, and configured to have strong, multi-factor authentication (MFA),” the researchers wrote.

    It stems from improper validation of files when they’re read from the flash memory of a vulnerable device and allows for remote code execution with root system privileges when exploited.


    The original article contains 533 words, the summary contains 191 words. Saved 64%. I’m a bot and I’m open source!

  • @IHawkMike
    link
    English
    78 months ago

    ASAs are still way more prevalent than they should be when Palo Alto and others are much better options. Still, I’m glad I barely have to deal with them any more.

    • @pete_the_cat
      link
      English
      78 months ago

      Palo Alto just had their own massive flaw exposed.

      • @IHawkMike
        link
        English
        18 months ago

        Oh yeah. They all do/will. But they are still better firewalls than ASAs.