Zyxel Fixes 0day in Network Storage Devices

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground.

Based in Taiwan, Zyxel Communications Corp. (a.k.a. “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020.

DHS alerts industry to insecure enterprise VPN apps

The Department of Homeland Security on Friday alerted the public to a vulnerability in multiple virtual private network applications that could give a hacker access to other apps running on a VPN connection. The flaw involves the insecure storage of cookies in memory or in log files, and affects enterprise VPN apps made by Cisco, F5 Networks, Palo Alto Networks, and Pulse Secure. Other vendors could be affected because the configuration issue is likely “generic” to other VPN apps, according to an advisory cited by DHS from Carnegie Mellon University’s CERT Coordination Center. “If an attacker has persistent access to a VPN user’s endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods,” CERT CC said. “An attacker would then have access to the same applications that the user does through their VPN session.” While Palo Alto Networks had patched its VPN […]

The post DHS alerts industry to insecure enterprise VPN apps appeared first on CyberScoop.

Who Makes the IoT Things Under Attack?

As KrebsOnSecurity observed over the weekend, the source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released. Here’s a look at which devices are being targeted by this malware.