Tag Archive for: levels

Exploitation of Citrix NetScaler vulns reaching dangerous levels


Time may be running short for users of Citrix’s NetScaler Application Delivery Controller (ADC) and NetScaler Gateway products who have not yet patched against two recently disclosed vulnerabilities to do so, after cyber researchers started to see elevated levels of activity targeting them.

Disclosed on 10 October, and possibly exploited as long ago as August, the two flaws are tracked as CVE-2023-4966 and CVE-2023-4967. The first of these is a sensitive information disclosure vulnerability carrying a Common Vulnerability Scoring System (CVSS) score of 9.4, and the second is a denial-of-service vulnerability carrying a CVSS score of 8.2.

The growing volume of threat actor activity is targeting the first of these vulnerabilities, according to Citrix. In a statement, the company said: “We now have reports of incidents consistent with session hijacking, and have received credible reports of targeted attacks exploiting this vulnerability.”

Citrix said it strongly recommends that users of the affected products immediately install the updated, recommended builds and, as a precaution, terminate all active and persistent sessions. More details of how to do so are available from Citrix. Note that there are no further workarounds available.

Exploitation of CVE-2023-4966 may escalate still further after the publication of a public proof of concept (PoC) by researchers at AssetNote on 25 October. In his write-up, AssetNote’s Dylan Pindur revealed how he was able to exploit the vulnerability in order to obtain a valid session token.

“Like previous issues with Citrix NetScaler, the issue was made worse by a lack of other defence-in-depth techniques and mitigations,” wrote Pindur. “Not clearing sensitive data from what appear to be temporary buffers and stricter validation on client-provided data being the two most obvious mitigations which could have been applied to minimise the damage.”

Since then, multiple sources have stated that scanning activity has increased. In a statement posted to X, the website formerly known as Twitter, internet security specialist ShadowServer said its honeypot sensors had seen a “sharp increase in queries” related to CVE-2023-4966.


The SANS 2022 Holiday Hack Challenge, The Year’s Most Awaited Cybersecurity Tradition, Opens to Players of All Skill Levels


Protect the North Pole from Threats and Earn Your Place on Santa’s Nice List – Then Join Santa at KringleCon, a Virtual Conference featuring Cybersecurity Experts

BETHESDA, Md., Dec. 8, 2022 /PRNewswire/ — The SANS Institute (SANS) has officially opened its 21st annual Holiday Hack Challenge! Participants can join Santa to save the holiday season from treachery by recovering five precious rings, each ring representing a different quest to defeat cybersecurity obstacles and change the course of the future. This free, hands-on cybersecurity challenge is open to all skill levels and ages; players will have their skills tested by a holiday supervillain and can win prizes ranging from cybersecurity goodies to the grand prize of a free SANS online training course.

“We are thrilled to present another year of the SANS Holiday Hack Challenge,” said Ed Skoudis, President of the SANS Technology Institute college and SANS Chief Holiday Officer. “We’ve been saving the holidays with the cybersecurity community since 2002, and this year, we hope even more players will join the fight in this playful way to advance critical skills and cyber capabilities across the globe.”

More than 17,000 players participated in 2021, and this year’s Holiday Hack Challenge is expected to reach even more cybersecurity professionals and students. The collaborative virtual game allows players to create customized avatars and join up with teammates, friends, and players worldwide in this one-of-a-kind shared virtual experience to explore the North Pole while advancing their cybersecurity skills across cloud security, forensics, offensive and defensive security, and more.

“Our cybersecurity elves narrowly saved the season last year, protecting Santa and the North Pole from danger, and we all thought the holidays would be safe for years to come,” said Mr. Skoudis. “We have discovered that evil still lurks across the icy terrain, so we must call on our cybersecurity community, from elementary students to seasoned professionals, to join us in this mission to save the…


INF Treaty exit? Putin says he’s ready to escalate to Cuban Missile Crisis levels

Go ahead. Make my day.
Russian President Vladimir Putin told members of the Russian media on Wednesday that if the US exits the Intermediate Nuclear Forces (INF) treaty and deploys nuclear weapons to Europe, Russia will follow suit—by placing nuclear weapons off the coast of the US. The comments came on the heels of an announcement by Putin that a nuclear-powered, nuclear-armed unmanned submersible vehicle (essentially a giant nuclear torpedo) was nearly ready for deployment. The Russian president said the first submarine equipped to carry it would be ready as soon as this spring.

“If they create threats to us, they should be aware of the potential consequences, so that they will not accuse us of unnecessary aggressiveness or whatever later,” Putin said in comments following his February 20 address to Russia’s Federal Assembly. “They have announced their decision,” he said, referencing President Donald Trump’s decision to withdraw from the INF treaty. “We know what can follow it. We tell them, ‘Do the maths. Can you count? So, do it before making any decisions that would create additional threats to you.’”

To make that point clearer, Putin gave some of the numbers for “the maths.” First, he would put nuclear-armed missiles on submarines or surface ships. “At a speed of Mach 9, these missiles can strike a target more than 1,000 km away,” he explained. “Under the Law of the Sea, the exclusive economic zone is defined at some 400 km or 200 miles. Do the maths. The distance of 1,000 kilometers at Mach 9. How soon, in how many minutes, can these weapons reach their targets? Just compare, the flight time to Moscow is between 10 and 12 minutes. How long would it take to reach the decision-making centers that are creating threats to us? The calculation is not in their favor, at least, not today.”

Biz & IT – Ars Technica

Massive data breach targets German politicians ‘at all levels’ – Aljazeera.com

  1. Massive data breach targets German politicians ‘at all levels’ – Aljazeera.com
  2. German politicians hit by massive data breach – iTnews
  3. Top German politicians affected in major data breach – E&T Magazine
  4. Hacker leaks data on Angela Merkel and hundreds of German lawmakers – TechCrunch
  5. German politicians targeted in massive data breach – SC Magazine