this post was submitted on 24 Apr 2024
126 points (97.0% liked)

Technology

59589 readers
2936 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 8 comments
sorted by: hot top controversial new old
[–] foggy@lemmy.world 32 points 7 months ago (2 children)

Dude something fucking wild is brewing in cyber warfare. I can feel it in my news feed.

[–] sugar_in_your_tea@sh.itjust.works 23 points 7 months ago* (last edited 7 months ago) (1 children)

April has been wild so far, like 4 high profile vulnerabilities:

  • xz - mostly impacted ssh
  • Windows batch files
  • php via glibc
  • GitHub malware hosting

And now this. I'm probably missing some as well.

[–] Lumilias@pawb.social 15 points 7 months ago

Yep, you forgot Palo Alto’s GlobalProtect telemetry allowing for remote code execution. A perfect 10.

[–] HootinNHollerin@lemmy.world 1 points 7 months ago* (last edited 7 months ago)

China and Russia preparing to strike when election turmoil is ripe

[–] autotldr@lemmings.world 11 points 7 months ago

This is the best summary I could come up with:


Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Cisco firewalls in a five-month-long campaign that breaks into government networks around the world, researchers reported Wednesday.

These devices are ideal targets because they sit at the edge of a network, provide a direct pipeline to its most sensitive resources, and interact with virtually all incoming communications.

Those characteristics, combined with a small cast of selected targets all in government, have led Talos to assess that the attacks are the work of government-backed hackers motivated by espionage objectives.

“Our attribution assessment is based on the victimology, the significant level of tradecraft employed in terms of capability development and anti-forensic measures, and the identification and subsequent chaining together of 0-day vulnerabilities,” Talos researchers wrote.

“Regardless of your network equipment provider, now is the time to ensure that the devices are properly patched, logging to a central, secure location, and configured to have strong, multi-factor authentication (MFA),” the researchers wrote.

It stems from improper validation of files when they’re read from the flash memory of a vulnerable device and allows for remote code execution with root system privileges when exploited.


The original article contains 533 words, the summary contains 191 words. Saved 64%. I'm a bot and I'm open source!

[–] IHawkMike@lemmy.world 7 points 7 months ago (1 children)

ASAs are still way more prevalent than they should be when Palo Alto and others are much better options. Still, I'm glad I barely have to deal with them any more.

[–] pete_the_cat@lemmy.world 7 points 7 months ago (1 children)

Palo Alto just had their own massive flaw exposed.

[–] IHawkMike@lemmy.world 1 points 7 months ago

Oh yeah. They all do/will. But they are still better firewalls than ASAs.