
Technology

Chinese hackers exploit Fortinet flaw, breach targeted networks for spying


Chinese hackers are exploiting zero-day vulnerabilities in networking devices, followed by the installation of custom implants, reported The Hacker News.

A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day attack targeting a European government entity and a managed service provider (MSP) located in Africa.

The latest findings from Mandiant indicate that the threat actor managed to abuse the vulnerability as a zero-day to its advantage and breach targeted networks for espionage operations, reported The Hacker News.


“The exploitation of zero-day vulnerabilities in networking devices, followed by the installation of custom implants, is consistent with previous Chinese exploitation of networking devices,” Mandiant noted.

Telemetry evidence gathered by Google-owned Mandiant indicates that the exploitation occurred as early as October 2022, nearly two months before fixes were released.

“This incident continues China’s pattern of exploiting internet-facing devices, specifically those used for managed security purposes (e.g., firewalls, IPS/IDS appliances, etc.),” Mandiant researchers said in a technical report.

The attacks entailed the use of a sophisticated backdoor dubbed BOLDMOVE, a Linux variant of which is specifically designed to run on Fortinet’s FortiGate firewalls, reported The Hacker News.

The intrusion vector in question relates to the exploitation of CVE-2022-42475, a heap-based buffer overflow vulnerability in FortiOS SSL-VPN that could result in unauthenticated remote code execution via specifically crafted requests.

Earlier this month, Fortinet disclosed that unknown hacking groups have capitalized on the shortcoming to target governments and other large organizations with a generic Linux implant capable of delivering additional payloads and executing commands sent by a remote server, reported The Hacker News.

“With BOLDMOVE, the attackers not only developed an exploit, but malware that shows an in-depth understanding of systems, services, logging, and undocumented proprietary formats,” said the threat intelligence firm Mandiant.


The malware, written in C, is said to have both Windows and Linux flavors, with the latter capable of reading data from a file format that’s proprietary to Fortinet. Metadata analysis of the Windows variants of the backdoor shows that they were compiled as far back as 2021, although no samples have been detected in the wild, reported The Hacker News.

BOLDMOVE is designed to carry out a system survey and is capable of receiving commands from a command-and-control (C2) server that in turn allows attackers to perform file operations, spawn a remote shell, and relay traffic via the infected host.

An extended Linux sample of the malware comes with extra features to disable and manipulate logging features in an attempt to avoid detection, corroborating Fortinet’s report.

“Zero-day” is a broad term that describes recently discovered security vulnerabilities that hackers can use to attack systems. The term “zero-day” refers to the fact that the vendor or developer has only just learned of the flaw – which means they have “zero days” to fix it. A zero-day attack takes place when hackers exploit the flaw before developers have a chance to address it.

Software often has security vulnerabilities that hackers can exploit to cause havoc. Software developers are always looking out for vulnerabilities to “patch” – that is, develop a solution that they release in a new update.

However, sometimes hackers or malicious actors spot the vulnerability before the software developers do. While the vulnerability is still open, attackers can write and implement code to take advantage of it. This is known as exploit code.

The exploit code may lead to the software users being victimized – for example, through identity theft or other forms of cybercrime.


Technology

Jio launches 5G services in 34 more cities; 225 covered till now


Reliance Jio on Tuesday announced the launch of 5G services across 34 cities spread across 13 states, taking the cumulative tally of the number of cities in the country having access to the company’s True 5G services to 225.

This comes days after Reliance launched its services in six states of the north-east, namely Shillong, Imphal, Aizawl, Agartala, Itanagar, Kohima and Dimapur.


“Jio users in these cities will be invited to the Jio Welcome Offer, to experience Unlimited Data at up to 1 Gbps speeds, at no additional cost, starting today,” a statement by the company said.

Six cities in Andhra Pradesh (Ananthapuramu, Bhimavaram, Chirala, Guntakal, Nandyal, Tenali), three in Assam (Dibrugarh, Jorhat, Tezpur), one in Bihar (Gaya), two in Chhattisgarh (Ambikapur, Dhamtari), two in Haryana (Thanesar, Yamunanagar), one in Karnataka (Chitradurga), two in Maharashtra (Jalgaon, Latur), two in Odisha (Balangir, Nalco), two in Punjab (Jalandhar, Phagwara), one in Rajasthan (Ajmer) will receive the 5G services of the company from now on.

Other cities where 5G was launched include Tamil Nadu’s Cuddalore, Dindigul, Kancheepuram, Karur, Kumbakonam, Nagercoil, Thanjavur, Tiruvannamalai. Telangana’s Adilabad, Mahabubnagar, Ramagundam will also receive 5G services. Services were also launched in Uttar Pradesh’s Mathura.

A Jio spokesperson said that the company has achieved this feat in under 120 days since the Beta Trial launch.

“We are really excited to launch Jio True 5G services in 34 additional cities, taking the total count to 225 cities. Jio has achieved this milestone in just under 120 days since the Beta Trial launch and is well on its way to connect the entire nation with the transformational Jio True 5G services by December 2023,” the spokesperson said.

The statement further added that a 5G network rollout of this scale is a first anywhere in the world, and 2023 will be a landmark year for India, when the entire country will reap the benefits of the revolutionary True 5G technology, delivered through Jio’s superior network infrastructure.

“We are grateful to the Central and State Governments for their continuous support in our quest to digitize our country,” the statement said.


Technology

WhatsApp to increase character limit for group subject, description


To provide a better user experience for WhatsApp groups, the Meta-owned service is developing the ability to set longer group subjects and descriptions, according to a report by WABetaInfo, a website that tracks news and updates related to WhatsApp.

The following screenshot, shared by WABetaInfo, shows how group admins will be able to use this feature.

This screenshot by WABetaInfo explains how the feature will work.

As seen above, WhatsApp is changing the maximum limit of characters admins can use, when entering the group subject and description. To give them more freedom while naming groups, the maximum character limit has been expanded from 25 to 100. Also, for describing a group, the instant messaging platform is increasing the maximum character limit from 512 to 2,048. With this, users will get more space to add important details and information, which they otherwise can’t, due to space constraints.


Please note, however, that you may not be able to use this feature immediately, even if it has been enabled on your device. Additionally, you will have to install the latest WhatsApp beta for Android update from the Play Store.


The ability is expected to reach more people in the next twenty-four hours, said WABetaInfo.



Technology

German tech firms looking to hire laid off professionals in Silicon Valley


Faced with a tight labour market and a shortage of workers with key software engineering skills, some German companies are looking at thousands of layoffs in Silicon Valley as an opportunity to recruit top talent.

The U.S. West Coast has always been the main destination for ambitious software engineers looking to work in the best-paid, most elite corner of their profession, but the mass redundancies have created a pool of jobseekers that Germany is eager to tap.

“They fire, we hire,” said Rainer Zugehoer, Chief People Officer at Cariad, the software subsidiary of automaker Volkswagen. “We have several hundred open positions in the U.S., in Europe and in China.”


Spooked by inflation and the prospect of recession, Google parent Alphabet, Microsoft and Facebook owner Meta have announced almost 40,000 job cuts combined.

While Germany is also teetering on the edge of recession, its companies have grown more slowly in recent years and, in a country notorious for still handling business by fax, there are huge technology leaps to be made.

Germany, with one of the world’s oldest populations, has gaping holes in its labour force: according to IT industry group Bitkom, 137,000 IT jobs are unfilled.

The government is simplifying immigration rules and dangling the prospect of easily-acquired citizenship to tempt skilled would-be immigrants, and regional authorities are pressing ahead.


“I would like to cordially invite you to move to Bavaria,” wrote Judith Gerlach, digitalisation minister in Germany’s wealthiest region, in a LinkedIn post addressed to the recently laid off.

Especially with the euro at dollar parity, few European companies pay rates that compete with the hundreds of thousands of dollars on offer at California’s most successful companies, but some hope cheaper healthcare and lower costs compared to hotspots like San Francisco can help.

“And did I mention Oktoberfest?” Gerlach added, adding Munich’s famed beer festival to the strong labour protections that might prove attractive to the newly jobless.

Some are sceptical, with Bitkom’s Bernhard Rohleder noting that Germany is competing not just with other countries for the most talented, but with potential recruits’ home countries too.

Germany’s penchant for red tape could be another challenge: companies are already reporting months-long delays in securing appointments for their new hires to get work permits.

“Bureaucracy in Germany is utterly crippling for most highly-qualified workers when they first encounter it, especially if they don’t speak German,” said Diana Stoleru of Berlin startup Lendis.
