Tag Archive for: Interest

Public interest in Log4Shell fades but attack surface remains



It’s been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat analysts warn that the application of the available fixes is still way behind.

Although the public interest and focus of the infosec community have moved to newer vulnerabilities and exploits, Log4Shell continues to be a large-scale problem and a grave security risk.

The last time we touched the subject of Log4Shell exploitation was roughly two months ago when a Barracuda report highlighted that it was primarily botnets that leveraged it for DDoS and cryptocurrency mining.

However, a new report published today by Rezilion paints a dire picture, revealing a large attack surface across a wide range of software products.

This is a severe problem due to its potential impact (remote code execution) and the ease of exploitation (availability of PoCs).

Log4Shell bug discovery and fixing timeline (Rezilion)

A problem that’s still there

According to Rezilion’s report, which presents data from various points, Log4Shell, tracked as CVE-2021-44228, is still present in so many software products that formulating a logical explanation is challenging.

For example, when looking into Sonatype’s Log4j Download Dashboard, we see that a steady percentage of almost 40% is still downloading vulnerable Log4j versions even at the end of April.

Log4j version downloads (Sonatype)

While this was previously attributed to security researchers, analysts, or even threat actors testing their exploits, the persistence of the percentage at such high levels after all this time rules out these scenarios.

When looking into data from Google’s Open Source Insights service, Rezilion found that out of the 17,840 open-source packages using Log4j as a dependency, only 7,140 had upgraded to a fixed version. Hence, 60% of them remain vulnerable to Log4Shell.

Open-source software using vulnerable Log4j versions (Rezilion)

When searching for the particular category of open-source containers on Shodan, Rezilion found over 90,000 potentially vulnerable internet-facing apps that contain obsolete versions of Log4j. A notable example is Apache Solr, counting 1,657 public deployments…


N. Korean security officials use arrested foreign mobile phone users to investigate persons of interest


A border patrol checkpoint in Pungso County, Yanggang Province. This photo was taken in February 2019. (Daily NK)

North Korean security officials along the China-North Korea border have recently been attempting to engage in video calls with interested parties in China and South Korea through locals arrested for using foreign-made mobile phones.

This suggests that with North Korean security authorities declaring a “mop-up operation” against users of foreign-made mobile phones to completely “root out” so-called “anti-socialist and non-socialist behavior,” the scope of the Ministry of State Security’s investigation is expanding beyond North Korea’s borders.

According to a Daily NK source in Yanggang Province, Ministry of State Security branches along the border have been “brashly” carrying out their investigations by using locals arrested for using foreign-made mobile phones to make video calls to persons of interest in South Korea and China to confirm their identities. 

They are reportedly confirming the nationalities, areas of residence and remittance sources of those who have been in contact with the arrested locals.

In fact, a woman in her 40s identified by her family name of Kang was arrested in Hyesan last month by the city branch of the Ministry of State Security for illegally receiving remittances and using an illegal mobile phone. When security officials searched Kang’s house, they found the Chinese-made mobile phone she used and a fat stack of cash.

Recently, a Ministry of State Security investigator handling her case called her to an interrogation room and forced her to engage in video chats with about 80 people on her WeChat list. WeChat is a Chinese instant messaging app.

The authorities aimed to confirm the credibility and accuracy of Kang’s confession, and to determine whether the people on her list were simply ordinary people or spies.

Essentially, investigators have gone beyond their existing practice of bringing cases to a conclusion by extracting confessions from suspects, and are expanding the scope of their inquiries.

The source said the Ministry of State Security has once again called on agents to use all…


Why electronic voting is dying from lack of interest


The back-end was stress tested, and various penetration, information security and privacy assessments were undertaken. There was a refreshing transparency to the whole process, and the successful online survey saved taxpayers well over $100 million.

Collecting information, surveying opinion and engaging citizens are core functions of a citizen-centric modern government. This is what makes the inability to transform the pencil and paper voting system into a repeatable electronic system very frustrating.

Tight time constraints

Electoral commissioners are fond of observing that elections are the largest and most complex logistical operations that a country undertakes in peacetime, typically engaging the entire adult population in a prescribed process implemented under tight time constraints.

And they are expensive too. The coming federal election will cost taxpayers about $430 million to administer – including the supply of 4 million pencils – and the NSW state elections cost $100 million-plus a pop. The same process is repeated every three to four years across the eight federal jurisdictions and hundreds of local council ballots.

For nearly a decade, the NSW Electoral Commission (NSWEC) had been a pioneer in the English-speaking world, offering online voting for disabled, elderly and remote electors using Spanish software developed for elections for Swiss cantons.

The iVote software had attracted the attention of security analysts who had led a campaign to have it ditched, claiming there was a “trap door” that could allow votes to be manipulated. The NSWEC admitted the code defect, but said the local implementation had physically isolated the issue, meaning it could not be used by cyber attackers.

It was not the first time defects had been found in the whole iVote system and Electoral Commissioner John Schmidt had made no secret of the urgent need for $22 million of funding to bring the Commission’s systems, including iVote, into cyber compliance. At parliamentary hearings, Schmidt had described his efforts to get funding as “Kafkaesque” and a “circle of hell”.

System capacity issue

In the end, it was not a security bug, but rather a system capacity issue that brought down…


Short Interest in Cyren Ltd. (NASDAQ:CYRN) Grows By 213.6%


Cyren Ltd. (NASDAQ:CYRN – Get Rating) was the recipient of a large growth in short interest in February. As of February 28th, there was short interest totalling 627,600 shares, a growth of 213.6% from the February 13th total of 200,100 shares. Based on an average daily trading volume of 2,420,000 shares, the days-to-cover ratio is currently 0.3 days. Approximately 24.0% of the company’s stock is sold short.

Separately, StockNews.com started coverage on shares of Cyren in a research report on Thursday, March 3rd. They set a “sell” rating on the stock.

Several institutional investors have recently added to or reduced their stakes in the company. Renaissance Technologies LLC increased its stake in shares of Cyren by 9.0% during the 2nd quarter. Renaissance Technologies LLC now owns 1,458,772 shares of the technology company’s stock worth $1,182,000 after purchasing an additional 120,000 shares during the last quarter. Goldman Sachs Group Inc. acquired a new position in shares of Cyren during the 2nd quarter worth about $79,000. Herald Investment Management Ltd increased its stake in shares of Cyren by 61.6% during the 3rd quarter. Herald Investment Management Ltd now owns 97,511 shares of the technology company’s stock worth $60,000 after purchasing an additional 37,160 shares during the last quarter. Squarepoint Ops LLC acquired a new position in shares of Cyren during the 2nd quarter worth about $51,000. Finally, Sassicaia Capital Advisers LLC acquired a new position in shares of Cyren during the 3rd quarter worth about $30,000. Institutional investors own 54.22% of the company’s stock.


Cyren stock opened at $6.80 on Friday. The firm has a market capitalization of $30.82 million, a PE ratio of -1.21 and a beta of 0.17. The company’s 50-day moving average is $2.22 and its 200-day moving average is $1.09. Cyren has a…
