Tag Archive for: Reaching

747th CYS is reaching new heights > 15th Wing > Article Display







Staff Sgt. James Fearney, and Senior Airman Samuel Nix, 747th Cyber Security Squadron expeditionary communications specialists, complete a climbing certification class at Joint Base Pearl Harbor-Hickam, Hawaii, Jan. 11, 2024. Cyber airmen conduct routine maintenance to the towers supporting the Joint Base and are responsible for keeping the Internet and phone communications running. (U.S. Air Force photo by Senior Airman Makensie Cooper)


Source…

Exploitation of Citrix NetScaler vulns reaching dangerous levels


Time may be running short for users of Citrix’s NetScaler Application Delivery Controller (ADC) and NetScaler Gateway products who have not yet patched against two recently disclosed vulnerabilities to do so, after cyber researchers started to see elevated levels of activity targeting them.

Disclosed on 10 October, and possibly exploited as long ago as August, the two flaws are tracked as CVE-2023-4966 and CVE-2023-4967. The first of these is a sensitive information disclosure vulnerability carrying a Common Vulnerability Scoring System (CVSS) score of 9.4, and the second is a denial-of-service vulnerability carrying a CVSS score of 8.2.

The growing volume of threat actor activity is targeting the first of these vulnerabilities, according to Citrix. In a statement, the company said: “We now have reports of incidents consistent with session hijacking, and have received credible reports of targeted attacks exploiting this vulnerability.”

Citrix said it strongly recommended users of the affected products to immediately install the updated, recommended builds, as well as killing all active and persistent sessions as a precaution. More details of how to do so are available from Citrix. Note that there are no further workarounds available.

Exploitation of CVE-2023-4966 may escalate still further after the publication of a public proof of concept (PoC) by researchers at AssetNote on 25 October. In his write-up, AssetNote’s Dylan Pindur revealed how he was able to exploit the vulnerability in order to obtain a valid session token.

“Like previous issues with Citrix NetScaler, the issue was made worse by a lack of other defence-in-depth techniques and mitigations,” wrote Pindur. “Not clearing sensitive data from what appear to be temporary buffers and stricter validation on client-provided data being the two most obvious mitigations which could have been applied to minimise the damage.”

Since this, multiple sources have stated that scanning activity has increased. In a statement posted to X, the website formerly known as Twitter, internet security specialist ShadowServer said its honeypot sensors had seen a “sharp increase in queries” related to CVE-2023-4966.

Source…

North Korea fires 2 missiles capable of reaching Japan in possible response to Tokyo’s new security strategy


SEOUL, South Korea (AP) — North Korea test-fired a pair of ballistic missiles with a potential range of striking Japan on Sunday, in a possible protest of Tokyo’s adoption of a new security strategy to push for more offensive footing against North Korea and China.

The launches came two days after the North claimed to have performed a key test needed to build a more mobile, powerful intercontinental ballistic missile designed to strike the U.S. mainland.

The two missiles traveled from the country’s northwest Tongchangri area about 500 kilometers (310 miles) at a maximum altitude of 550 kilometers (340 miles) before landing in the waters between the Korean Peninsula and Japan, according to the South Korean and Japanese governments.

South Korea’s military described both missiles as medium-range weapons that were launched at a steep angle, suggesting they could have traveled farther if fired at a standard trajectory. North Korea usually tests medium- and longer-range missiles at a high angle to avoid neighboring countries, though it fired an intermediate-range missile over Japan in October, forcing Tokyo to issue evacuation alerts and halt trains.

In an emergency meeting, top South Korean security officials deplored North Korea’s continued provocations that they said came despite “the plight of its citizens moaning in hunger and cold due to a serious food shortage.” They said South Korea will boost a trilateral security cooperation with the U.S. and Japan, according to South Korea’s presidential office.

Japanese Vice Defense Minister Toshiro Ino separately criticized North Korea for threatening the safety of Japan, the region and the international community. The U.S. Indo-Pacific Command said the launches highlight the destabilizing impact of North Korea’s unlawful weapons of mass destruction and ballistic missile programs. It said the U.S. commitments to the defense of South Korea and Japan “remain ironclad.”

Kwon Yong Soo, a former professor at Korea National Defense University in South Korea, said North Korea likely tested its Pukguksong-2 missile, a solid-fueled, land-based variant of its Pukguksong family of missiles that can be…

Source…

A back-to-school plan for reaching the next generation of cybersecurity professionals


A back-to-school plan for reaching the next generation of cybersecurity professionals | Security Magazine




Source…