Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/load.php on line 2057

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/functions.php on line 6114
Security warning: Hackers are using this new malware to target firewall appliances - Best Business Review Site 2024

Security warning: Hackers are using this new malware to target firewall appliances

[ad_1]

Hackers linked to the Russian military are exploiting security vulnerabilities in firewalls to compromise network and infect them with malware, allowing them to remotely gain access.

An alert by the UK National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) has detailed the new malware, Cyclops Blink, attributing it to Sandworm, an offensive hacking operation they’ve previously linked to Russia’s GRU.

Analysis by the NCSC describes Cyclops Blink as a “a highly sophisticated piece of malware” which has been “professionally developed”.

Cyclops Blink appears to be a replacement for VPNFilter, malware which was used by state-linked Russian hacking groups in widespread attacks used to compromise network devices, predominantly routers, in order to access networks.

According to the NCSC, CISA, FBI and NSA, Cyclops Blink has been active since at least June 2019, and like VPNFilter before it, the targeting is described as “indiscriminate and widespread” with the ability to gain persistent remote access to networks.

It can also upload and download files from infected machines and it’s modular, allowing new functionality to be added to malware which is already running.

SEE: Cybersecurity: Let’s get tactical (ZDNet special report)

The cyber attacks are primarily focused on WatchGuard firewall devices, but the agencies warned that Sandworm is capable of re-purposing the malware to spread it via other architectures and firmware.

Cyclops Blink persists on reboot and throughout the legitimate firmware update process. It targets WatchGuard devices that were reconfigured from the manufacturer default settings to open remote management interfaces to external access.

An infection doesn’t mean the organisation is the primary target, but it’s possible that infected machines could be used to conduct additional attacks.

The NCSC urges affected organisation to take steps to remove the malware, which have been detailed by WatchGuard.

“Working closely with the FBI, CISA, DOJ, and UK NCSC., WatchGuard has investigated and developed a remediation for Cyclops Blink, a sophisticated state-sponsored botnet, that may have affected a limited number of WatchGuard firewall appliances,” said a WatchGuard statement.

“WatchGuard customers and partners can eliminate the potential threat posed by malicious activity from the botnet by immediately enacting WatchGuard’s 4-Step Cyclops Blink Diagnosis and Remediation Plan,” it added.

The NCSC warned that any passwords present on a device infected by Cyclops Blink should be assumed to be compromised and should be changed.

Other advice about protecting networks from cyber attacks includes avoiding the exposure of management interfaces of network devices to the internet, keeping devices up to date with the latest security patches and using multi-factor authentication.  

The NCSC notes that the advisory is not directly linked to the current situation in Ukraine.

MORE ON CYBERSECURITY

[ad_2]

Source link

slot gacor slot gacor togel macau slot hoki bandar togel slot dana slot mahjong link slot link slot777 slot gampang maxwin slot hoki slot mahjong slot maxwin slot mpo slot777 slot toto slot toto situs toto toto slot situs toto situs toto situs toto situs toto slot88 toto slot slot gacor thailand slot bet receh situs toto situs toto slot toto slot situs toto situs toto situs toto situs togel macau toto slot slot demo slot pulsa slot pragmatic situs toto deposit dana 10k surga slot toto slot link situs toto situs toto slot situs toto situs toto slot777 slot gacor situs toto slot slot pulsa 10k toto togel situs toto slot situs toto slot gacor terpercaya slot dana slot gacor pay4d agen sbobet kedai168 kedai168 deposit pulsa situs toto slot pulsa situs toto slot pulsa situs toto situs toto situs toto slot dana toto slot situs toto slot pulsa toto slot situs toto slot pulsa situs toto situs toto situs toto toto slot toto slot slot toto akun pro maxwin situs toto slot gacor maxwin slot gacor maxwin situs toto slot slot depo 10k toto slot toto slot situs toto situs toto toto slot toto slot toto slot toto togel slot toto togel situs toto situs toto toto slot slot gacor slot gacor slot gacor situs toto situs toto cytotec toto slot situs toto situs toto toto slot situs toto situs toto slot gacor maxwin slot gacor maxwin link slot 10k slot gacor maxwin slot gacor slot pulsa situs slot 10k slot 10k toto slot toto slot situs toto situs toto situs toto bandar togel 4d toto slot toto slot