Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


And the beat goes on. As researchers discover more about the SolarWinds and Exchange exploits, the discovery of similar related attacks was inevitable.


FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities

Original release date: April 2, 2021

The Federal Bureau of Investigation (FBI) and CISA have released a Joint Cybersecurity Advisory (CSA) to warn users and administrators of the likelihood that advanced persistent threat (APT) actors are actively exploiting known Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. APT actors may use these vulnerabilities or other common exploitation techniques to gain initial access to multiple government, commercial, and technology services. Gaining initial access pre-positions the APT actors to conduct future attacks.

CISA encourages users and administrators to review Joint CSA AA21-092A: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks and implement the recommended mitigations.


PHP web language narrowly avoids “backdoor” supply chain attack

The crooks got in and added a backdoor to PHP, but it looks as though it was caught before any harm was done.


Whistleblower: Ubiquiti Breach “Catastrophic”

On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication.


Shadow IT is your organization’s next remote working nightmare

Employees are increasingly using their own devices and accounts to work from home – largely because it’s easier to do so. Yet this rise in ‘shadow IT’ puts corporate security at risk.


NFTs: A passing trend or here to stay? Americans and UK residents have very different opinions

Non-fungible tokens are the new way to buy all kinds of digital objects from original art and music to gifs and tweets.


DreamBus Botnet Infiltrating Enterprise Applications on Linux Servers

At its core, a botnet is a network of computers that have been hijacked from their users and infected with malware. The hackers can remotely control […]

The post DreamBus Botnet Infiltrating Enterprise Applications on Linux Servers appeared first on CHIPS.


 


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com