JD'S Memes

Federal cybersecurity authorities are worried about several zero-day vulnerabilities in gateways from IT company Ivanti.

An investigation by Ivanti has verified the issues, the company said, and it is working to release patches and mitigations. Hackers can exploit two newly found flaws to take over affected systems, warned the Cybersecurity and Infrastructure Security Agency (CISA). Threat actors have also been exploiting flaws to steal credentials or drop webshells that set them up to conduct further compromises.

CISA has ordered federal civilian executive branch agencies to disconnect all the affected Ivanti solutions from their networks. It has also told agencies to search and monitor for potential malicious activity related to the vulnerabilities and apply upgrades, among other response efforts. And while CISA cannot extend its emergency order to all users, the federal cybersecurity agency said it “strongly encourages all organizations” to review that guidance and follow the parts relevant to them.

 
An advisory issued by the Cybersecurity and Infrastructure Security Agency warns that China-linked hackers have been operating inside certain U.S. systems for at least five years and are preparing to carry out destabilizing cyberattacks on critical infrastructure.

The notice was published in conjunction with other Western intelligence partners, including Australia and Canada, following an FBI operation announced last week that jettisoned the China-linked Volt Typhoon hacking campaign from botnet infrastructure that was helping the cyberspies burrow inside compromised routers and other hardware.

“Our evidence strongly suggests that the PRC actors are pre-positioning to launch future disruptive or destructive cyber attacks that could cause impact to national security, economic security or public health and safety,” CISA Executive Assistant Director Eric Goldstein told reporters during a briefing on the advisory.

The hackers have been using “living off the land techniques” that allow them to hide inside systems and bypass detection, the report says, noting that they have breached American facilities in Guam, as well as other key infrastructure in facilities both inside and outside the U.S. The FBI operation targeted home internet routers in southern Texas and other locations redacted in official court documents.

Chinese embassy spokesperson Liu Pengyu previously denied the hacking attempts and turned the accusations against the U.S., encouraging the American intelligence community to stop “irresponsible criticism” against Beijing.
