And the beat goes on. As researches discover more about the SolarWinds and Exchange exploits, the discovery of similar related attacks was inevitable.
Original release date: April 2, 2021
The Federal Bureau of Investigation (FBI) and CISA have released a Joint Cybersecurity Advisory (CSA) to warn users and administrators of the likelihood that advanced persistent threat (APT) actors are actively exploiting known Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. APT actors may use these vulnerabilities or other common exploitation techniques to gain initial access to multiple government, commercial, and technology services. Gaining initial access pre-positions the APT actors to conduct future attacks.
CISA encourages users and administrators to review Joint CSA AA21-092A: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks and implement the recommended mitigations.
The crooks got in and added a backdoor to PHP, but it looks as though it was caught before any harm was done.
On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication. More…
Employees are increasingly using their own devices and accounts to work from home – largely because it’s easier to do so. Yet this rise in ‘shadow IT’ puts corporate security at risk.
Non-fungible tokens are the new way to buy all kinds of digital objects from original art and music to gifs and tweets.
At its core, a botnet is a network of computers that have been hijacked from their users and infected with malware. The hackers can remotely control […]
The post DreamBus Botnet Infiltrating Enterprise Applications on Linux Servers appeared first on CHIPS.