May 23, 2024 at 05:21PM
Attackers have backdoored the widely used Justice AV Solutions (JAVS) software, used in courtroom video recording, with malware. JAVS removed the compromised version from its website and conducted a full audit. Cybersecurity company Rapid7 traced the incident and advised reimaging potentially compromised JAVS endpoints and upgrading to the latest safe version.
After reviewing the meeting notes, here are the key takeaways:
– The Justice AV Solutions (JAVS) courtroom video recording software installer was backdoored with malware, allowing attackers to compromise systems.
– JAVS has taken steps to address the issue, including removing the compromised version from its official website, conducting a full audit of all systems, and resetting all passwords to prevent future breach attempts.
– Cybersecurity company Rapid7 investigated the incident, which is now tracked as CVE-2024-4978, and identified the Rustdoor/GateDoor malware as the source of the trojanized installer.
– Rapid7 recommended that all potentially compromised JAVS endpoints be reimaged, and JAVS customers should reset all credentials used to log onto these endpoints and upgrade the JAVS Viewer software to version 8.3.9 or higher.
– The company also warned that simply uninstalling the software is insufficient, as attackers may have implanted additional backdoors or malware, stressing the importance of completely re-imaging affected endpoints and resetting associated credentials.
These takeaways highlight the severity of the supply chain incident and the necessary actions to mitigate the impact, safeguard systems, and prevent further compromise.