#Firewalls bypassed:
#Hackers #infiltrate a #bank's #network via #RaspberryPi
The Raspberry Pi was simply plugged into the switch of an ATM. Thanks to a 4G modem, the attackers could then roam freely in the network.

HIRING: Deputy Director, Physical & Cyber Security / San Jose, California USD 208K+
14,000 #Fortinet #Firewalls compromised: attackers are digging in.
Cybersecurity firm Arctic Wolf disclosed on Friday that threat actors recently targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public Internet in a suspected zero-day campaign.
#Vulnerability #Firewalls #CyberAttacks
https://www.techworm.net/2025/01/zero-day-vulnerability-fortinet-fortigate-firewalls.html
"Now one cybersecurity vendor is revealing how intensely—and for how long—it has battled with one group of hackers that have sought to exploit its products to their own advantage. For more than five years, the UK cybersecurity firm Sophos engaged in a cat-and-mouse game with one loosely connected team of adversaries who targeted its firewalls. The company went so far as to track down and monitor the specific devices on which the hackers were testing their intrusion techniques, surveil the hackers at work, and ultimately trace that focused, years-long exploitation effort to a single network of vulnerability researchers in Chengdu, China.
On Thursday, Sophos chronicled that half-decade-long war with those Chinese hackers in a report that details its escalating tit-for-tat. The company went as far as discreetly installing its own “implants” on the Chinese hackers' Sophos devices to monitor and preempt their attempts at exploiting its firewalls. Sophos researchers even eventually obtained from the hackers' test machines a specimen of “bootkit” malware designed to hide undetectably in the firewalls' low-level code used to boot up the devices, a trick that has never been seen in the wild."
https://www.wired.com/story/sophos-chengdu-china-five-year-hacker-war/
For those who don't know (which is most of you), this project has been the intense focus of my work, taking up a huge amount of my time, energy, and investigative effort for the past 14 months - while still helping others at Sophos publish their research; running an election campaign where I was a candidate for school board; speaking at Blue Hat, Defcon, Saintcon, Virus Bulletin and other conferences; guest lecturing to classes at CU Boulder; volunteering my time canvassing for political candidates; serving as a docent at the Media Archaeology Lab; and starting up the Elect More Hackers organization.
Whew. It's actually kind of daunting just to read that. I also sometimes sleep and eat.
@SophosXOps has been, at its core, an institution that values radical transparency, and this story (and the earlier research investigations into the Operation Pacific Rim threat actors and incidents) demonstrates Sophos' commitment to truth and journalistic integrity, following a story wherever it leads.
I hope our publication today starts a larger conversation and collaboration within the cybersecurity industry - inside and outside the Cyber Threat Alliance, which Sophos actively supports and where I am proud to represent my employer - to work together to thwart the ambitions of nation-state threat actors such as the perpetrators of Operation Pacific Rim, in order to protect the privacy and safety of everyone, everywhere.
#PacificRim #OperationPacificRim #malware #china #hacking #hacks #infosec #firewalls #intrusiondetection
For 5 years, Sophos has been engaged in defensive and counter-offensive operations against China-based #NationState adversaries targeting perimeter devices like #firewalls for surveillance and sabotage.
The attacks unfolded in two waves: the first aimed to build proxy networks, often used by Chinese groups to hide further operations. The second targeted critical infrastructure in South and Southeast Asia.
Sophos uncovered links to groups like Volt Typhoon, APT31, APT41, and Chinese educational institutions. Now, we’re sharing insights from our detailed "Pacific Rim" report to help others defend against these persistent attackers.
Sophos X-Ops is happy to collaborate with others and share additional detailed IOCs on a case-by-case basis.
Contact us via pacific_rim@sophos.com.
For the full story, please see our landing page: https://www.sophos.com/en-us/content/pacific-rim
OpenSnitch is a comprehensive open source Linux application firewall
https://squeet.me/display/962c3e10-f7ab4d5d-9541299eb2b28bc6
#Firewalls in #schools - The Bund der Steuerzahler (German Taxpayers' Federation) published its Schwarzbuch (Black Book) today. In it (1) it criticizes, among other things, the purchase of firewalls costing 18 million euros for schools in #SachsenAnhalt that were hardly used.
I first reported on this affair in 2022, and again in 2024 (2). For anyone who wants to be astonished once more: my commentary on it still applies (3)
@wdormann so basically all modern #distros are unaffected because they all have a built-in #firewall up and running...
From Firewalls to Zero Trust: The Evolution of Cybersecurity
https://youtu.be/nYTv-KaTEuU #cybersecurity #firewalls #zerotrust #riskmanagement #castles #moats
HIRING: IT Security Analyst Senior / West Palm Beach, FL - Adm Headquarters (B2) USD 71K+
*The Internet of European Things. #firewalls #cyberspace #postinternet
HIRING: Manager, Endpoint Security Engineer / Plano, TX USD 201K+
Chinese, Russian espionage campaigns increasingly targeting edge devices
https://therecord.media/chinese-russian-hackers-edge-devices #china #russia #hackers #EspionageAttacks #VPNappliances #firewalls #routers #InternetOfThings
Cisco firewall 0-days under attack for 5 months by resourceful nation-state hackers
Hackers backed by a powerful na... - https://arstechnica.com/?p=2019790 #networkperimeter #firewalls #security #uat4356 #biz #vpns
Latest issue of my curated #cybersecurity and #infosec list of resources for week #50/2023 is out! It includes the following and much more:
➝ U.S. nuclear research lab #databreach impacts 45,000 people
➝ #Toyota Germany Says Customer Data Stolen in #Ransomware Attack
➝ #Bitcoin ATM company Coin Cloud got hacked. Even its new owners don’t know how
➝ Norton #Healthcare discloses data breach after May ransomware attack
➝ Russian SVR-Linked #APT29 Targets #JetBrains TeamCity Servers in Ongoing Attacks
➝ #LockBit ransomware now poaching #BlackCat, NoEscape affiliates
➝ #Microsoft seizes domains used to sell fraudulent #Outlook accounts
➝ French police arrest Russian suspect linked to #Hive ransomware
➝ Chinese APT Volt Typhoon Linked to Unkillable SOHO Router #Botnet
➝ Ukrainian military says it hacked #Russia's federal tax agency
➝ Researchers Unmask Sandman APT's Hidden Link to China-Based #KEYPLUG Backdoor
➝ #Ukraine’s largest mobile communications provider down after apparent #cyberattack
➝ Kelvin Security hacking group leader arrested in #Spain
➝ #ALPHV ransomware site outage rumored to be caused by law enforcement
➝ #UniFi devices broadcasted private video to other users’ accounts
➝ Russian Diplomat Expelled Amid EU Spy Purge Is Now An OSCE Election Observer In Serbia
➝ Harry Coker confirmed to be the next National Cyber Director
➝ Spain expels two US spies for infiltrating secret service
➝ #MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure
➝ #ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability
➝ New Pierogi++ #Malware by #Gaza Cyber Gang Targeting Palestinian Entities
➝ Iranian State-Sponsored #OilRig Group Deploys 3 New Malware Downloaders
➝ New MrAnon Stealer Malware Targeting German Users via Booking-Themed #Scam
➝ #Google's New Tracking Protection in Chrome Blocks Third-Party #Cookies
➝ #Zoom Unveils Open Source Vulnerability Impact Scoring System
➝ #Sophos backports RCE fix after attacks on unsupported #firewalls
➝ Over 1,450 #pfSense servers exposed to RCE attacks via bug chain
➝ #Apple Ships iOS 17.2 With Urgent Security #Patches
➝ Over 30% of #Log4J apps use a vulnerable version of the library
This week's recommended reading is: "Black Hat Python, 2nd Edition: Python Programming for Hackers and Pentesters (2nd Edition)" by Justin Seitz and Tim Arnold
Subscribe to the #infosecMASHUP newsletter to have it delivered piping hot to your inbox every weekend
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-502023