Supply Chain Attack: Major Linux Distributions Impacted by XZ Utils Backdoor

April 1, 2024 at 10:06AM Multiple major Linux distributions have been hit by a supply chain attack through the XZ Utils data compression library, resulting in a backdoor for unauthenticated access. The attack affects various Linux distributions, with tools available to detect the malicious library. Reverting to an untainted version of XZ Utils eliminates the threat, …

Red Hat warns of backdoor in XZ tools used by most Linux distros

March 29, 2024 at 01:55PM Red Hat issues an urgent warning regarding a backdoor discovered in the latest XZ Utils data compression tools and libraries in Fedora development versions. The malicious code, assigned a 10/10 critical severity score, compromises sshd authentication, potentially allowing unauthorized remote system access. Users are advised to revert to an uncompromised version and monitor …

Five Eyes tell critical infra orgs: take these actions now to protect against China’s Volt Typhoon

March 20, 2024 at 06:21AM The US government and international partners issued another warning about China’s Volt Typhoon cyber gang targeting critical infrastructure, advising protection measures. They emphasized guidance for non-technical senior leaders, urged cybersecurity best practices, and highlighted the importance of incident response plans and securing the supply chain. The advisory reiterated the gang’s …

Mitsubishi Electric Factory Automation Flaws Expose Engineering Workstations

February 5, 2024 at 06:06PM Mitsubishi Electric identified high-severity authentication bypass and critical remote code execution vulnerabilities in several factory automation products. The impacted products include EZSocket, FR Configurator2, GT Designer3, GX and MT Works, MELSOFT Navigator, and MX. The company advised users to implement cybersecurity measures while it works on patches and released advisories …

CISA: Vendors must secure SOHO routers against Volt Typhoon attacks

January 31, 2024 at 11:15AM CISA and the FBI have issued a warning to small office/home office (SOHO) router manufacturers to enhance security against attacks by Chinese state-backed hacking group Volt Typhoon. The agencies urge eliminating vulnerabilities, automating security updates, and safeguarding against Volt Typhoon activity. This follows ongoing attacks targeting U.S. critical infrastructure organizations …

Juniper Networks Patches Vulnerabilities in Switches, Firewalls

January 30, 2024 at 09:42AM Juniper Networks has released patches for multiple vulnerabilities in the J-Web component of Junos OS. The most severe issue is a cross-site scripting flaw (CVE-2024-21620), with a CVSS score of 8.8. Another defect (CVE-2024-21619) could allow an unauthenticated attacker to access sensitive information. Two missing authentication bugs were also resolved. …

CISA details twin attacks on federal servers via unpatched ColdFusion flaw

December 5, 2023 at 12:47PM CISA reported two server breaches at a federal agency due to an unpatched Adobe ColdFusion flaw (CVE-2023-26360). The attackers exploited the vulnerability for reconnaissance and malware deployment, but their further malicious activities were hindered. The incidents occurred months after agencies were ordered to patch the flaw, and the attackers’ identities …