Latest News Articles



--- TLP:WHITE ---

News

− Microsoft criticised for security failure that led to China's cyberattack on Exchange Online

CISA calls for 'fundamental, security-focused reforms', delaying work on other software. A review of the June 2023 attack on Microsoft's Exchange Online hosted email service – which saw accounts used by senior US officials compromised by a China-linked group called "Storm-0558"

https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf

− Location Tracking on the Battlefield

Cathal Mc Daid discusses mobile device tracking technologies as used in a hostile area.

https://info.enea.com/tracking_on_the_battlefield_report

Vulnerabilities

− Multiple Vulnerabilities Disclosed in Ivanti Products

Vulnerabilities have been discovered in Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways. A patch is available now.

https://www.ncsc.gov.ie/pdfs/2404050146_Multiple_Vulnerabilities_Disclosed_in_Ivanti_Products.pdf

− Critical Vulnerability in XZ Utils (CVE-2024-3094)

Malicious code was discovered in the upstream tarballs of xz. XZ is a general-purpose data compression format present in nearly every Linux distribution, both community projects and commercial product distributions. xz-utils includes the liblzma library, which is used by various software including sshd; abuse through sshd is one of the known techniques for exploiting the backdoor.

https://www.ncsc.gov.ie/pdfs/2403290139_Critical_vulnerability_in_XZ_Utils.pdf

− These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb

The German Federal Office for Information Security (BSI) has issued an urgent alert about the poor state of Microsoft Exchange Server patching in the country. (The alert is in German.)

https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2024/240326_Tausende_Exchange-Server_verwundbar.html

− Finland Blames Chinese Hacking Group APT31 for Parliament Cyber Attack

The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 of orchestrating a cyber attack targeting the country's Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021.

https://thehackernews.com/2024/03/finland-blames-chinese-hacking-group.html

− New XZ backdoor scanner detects implant in any Linux binary

Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094.

https://www.bleepingcomputer.com/news/security/new-xz-backdoor-scanner-detects-implant-in-any-linux-binary/

− Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways.

https://www.bleepingcomputer.com/news/security/ivanti-fixes-vpn-gateway-vulnerability-allowing-rce-dos-attacks/
