Citrix Patches Critical Vulnerability in ADC, Gateway
The most severe of the two bugs is CVE-2021-22955, a critical security hole that could lead to a DoS condition on appliances that have been configured as a VPN (Gateway) or AAA virtual server. The security flaw was identified in Citrix Application Delivery Controller (ADC, formerly NetScaler ADC), and Gateway (formerly NetScaler Gateway). Tracked as…
Many Healthcare, OT Systems Exposed to Attacks by NUCLEUS:13 Vulnerabilities
Collectively referred to as NUCLEUS:13, the issues likely affect safety-critical devices, such as anesthesia machines, patient monitors and other types of devices used in healthcare. Other types of operational technology (OT) systems are also impacted. The most important of the newly identified issues is CVE-2021-31886 (CVSS score of 9.8), a stack-based buffer overflow that exists…
Device Exploits Earn Hackers Over $1 Million at Pwn2Own Austin 2021
Pwn2Own Austin has focused on hacking devices and ZDI described it as the largest Pwn2Own to date. White hat hackers earned $362,500 on the first day of the event, $415,000 on the second day, $238,750 on the third day, and $65,000? on the fourth day. Sixty-one bugs were disclosed at the contest — exploits typically…
FBI: Ransomware Attacks Exploit Financial Business Events
Ransomware actors are known for performing extensive research prior to launching an attack on victims, using publicly available information, along with material non-public data. Should the victim refrain from paying the ransom, the attackers threaten to disclose the gathered information publicly, thus attempting to extort the victim, the FBI warned. “Ransomware actors are targeting companies…
Shrootless: macOS Vulnerability Found by Microsoft Allows Rootkit Installation
Tracked as CVE-2021-30892 and named “Shrootless” by Microsoft, the vulnerability exists in the method used to install Apple-signed packages with post-install scripts. To successfully exploit the vulnerability, an attacker needs to create a specially crafted file that would allow them to hijack the installation process of said packages. Apple introduced SIP in macOS Yosemite to…
You’ve Just Been Ransomed … Now What?
Seemingly every day, a new organization announces they’ve been hit by a ransomware attack. The agnostic nature of ransomware leaves no industry immune to vulnerabilities. Be it school systems, healthcare providers, or government agencies, the battlegrounds are increasingly widespread. Companies should operate not on a basis of if they’ll be hit, but when. Executives and…
SolarWinds Outlines ‘Triple Build’ Software Development Model to Secure Supply Chain
In the SolarWinds incident, up to 18,000 companies could have received the malware injected into the SolarWinds software. Not all could have been affected. Many of these ‘victims’ did not install the infected version, and many others did so on servers with no internet connectivity. Of those companies that did receive the Nobelium Sunburst malware,…
Fuji Electric Patches Vulnerabilities in Factory Monitoring Software
The security holes, identified by a researcher who uses the online moniker “kimiya,” were discovered in the Tellus Lite V-Simulator and V-Server Lite products, which are used worldwide to remotely monitor and operate factories. Versions prior to 4.0.12.0 are affected. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday published an advisory to inform…
North Korean Hackers Targeting IT Supply Chain: Kaspersky
As part of the observed attacks, the group used an updated DeathNote malware cluster, which includes a slightly modified version of BLINDINGCAN, a piece of malware that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) associated with the group. A new variant of COPPERHEDGE, which Lazarus has been using for at least two years, was…
Targets and Prizes Announced for 2022 ICS-Themed Pwn2Own
Pwn2Own Miami 2022 is scheduled to take place on January 25-27, 2022, and it has four main target categories: control server, OPC UA server, data gateway, and human-machine interface (HMI). In the control server category, participants can earn up to $20,000 for hacking Iconics Genesis64 and Inductive Automation Ignition products. In the OPC UA category,…
