Tag Archive for: systems

CSUF cybersecurity students compete to hack into vulnerable systems – Orange County Register


Last fall, Cal State Fullerton cybersecurity students competed in the Collegiate Penetration Testing Competition where teams of students from the region met to determine how to hack the security systems of an airport and then presented a report of their findings to executives.

The Cal State Fullerton team of six students placed second in the high-pressure competition, which provided real-world experience that they will bring to the jobs that await them once they graduate. Business sponsors often recruit winners for employment during these events, said Mikhail Gofman, professor of computer science and director of the ECS Center for Cybersecurity in the College of Engineering and Computer Science.

Penetration testing means trying to break through the security systems of a business by using the same tools and techniques that hackers use. If a penetration tester can discover and exploit a vulnerability, Gofman said, then so can an attacker.

“This is often called the security governance,” Gofman said, “the goal of which is to ensure the cybersecurity of the company. It is driven by risk management, and, of course, cyberattacks are a big part of the company risk management, because a cyberattack can have very devastating consequences.”

The regional competition focused on the security systems of an airport. “They weren’t actually real airport systems, but real networks which simulated what a network infrastructure of an airport would look like,” Gofman said. “The students had 12 hours, from morning to night, to conduct the penetration test to find and exploit as many security vulnerabilities as possible.”

Then they had to write a professional penetration testing report that communicated their findings in plain language.

“Our goal as a team was to try to fully compromise the company, given only a set of IP ranges and some scattered fictitious employee information they left on the internet for us to exploit,” said fourth-year student Katherine Chen, who was a member of the winning team.

“You use public information on the internet to impersonate someone and use their information for malicious purposes, which we were successfully able to do,” Chen said. “At…

Source…

Federal Cyber Agency Offlines 2 Systems After Ivanti Hack


After issuing a warning about Ivanti zero-day vulnerabilities, the federal Cybersecurity and Infrastructure Security Agency (CISA) has now suffered a pair of breaches because of the incident.

Hackers exploiting vulnerabilities in Ivanti products breached two CISA systems in February, according to Recorded Future. The agency said it immediately took those systems offline, and that no other systems were affected. A spokesperson said CISA saw “no operational impact at this time,” and “continue[s] to upgrade and modernize” its systems.

CISA has not disclosed which systems were impacted. However, Recorded Future reported that one was the Infrastructure Protection (IP) Gateway. Per CISA’s website, that gateway serves as the way that Department of Homeland Security partners access integrated IP tools, capabilities and information to conduct comprehensive critical infrastructure vulnerability assessments and other security-related business.


The other system was the Chemical Security Assessment Tool, a portal housing surveys and applications that chemical facilities must complete to help CISA assess the risks of terrorists weaponizing the chemicals they hold, as part of a lapsed federal program.

Randy Rose is senior director of security operations and intelligence at the Center for Internet Security. Stone said it was hard to imagine such an incident having an impact on local government, other than potentially making some online resources unavailable. Users of the systems who have a key contact at CISA should be able to reach out and learn about possible impacts, he said.

Lower-level governments, however, now face more risks in using Ivanti products. After the vulnerabilities were discovered, the Center for Internet Security scanned for it among lower governments, finding more than 100 devices.

The vulnerabilities are in products that have been widely used across the public and private sectors for providing secure remote connections, Rose said. This points to the importance of organizations adopting a layered approach to security and risk management, mitigating risk when one line of defense fails.

Local governments…

Source…

CISA Systems Hacked: Ivanti Vulnerabilities Exploited, Urgent Security Measures Advised


Officials from the Cybersecurity and Infrastructure Security Agency (CISA) recently disclosed a successful hack of the agency’s systems in February that involved hackers taking advantage of flaws in Ivanti products.

The CISA spokesperson confirmed this security incident, revealing that the agency detected suspicious activities pointing to exploiting Ivanti product vulnerabilities approximately a month ago, as reported by Recorded Future News.

The impact of the CISA breach was contained in two specific systems and swiftly taken offline as part of immediate response measures. Emphasizing the ongoing efforts to modernize and upgrade systems, the spokesperson assured that there is currently no operational impact.

The Impact of the CISA Cyber Breach

According to a person with knowledge, the hacked systems were the Infrastructure Protection (IP) Gateway and the Chemical Security Assessment Tool (CSAT). These two systems held important data about how U.S. infrastructure is interdependent and private sector chemical security plans. CISA has neither confirmed nor denied this information.

CSAT, recognized for storing susceptible industrial data, including tools for high-risk chemical facilities, site security plans, and security vulnerability assessments, was a focal point of the breach.

CISA Confirms Cyber Breach: Ivanti Product Flaws Exploited by Unknown Hackers

In this photo illustration a young man types on an illuminated computer keyboard typically favored by computer coders on January 25, 2021 in Berlin, Germany. 2020 saw a sharp rise in global cybercrime that was in part driven by the jump in online retailing that ensued during national lockdowns as governments sought to rein in the coronavirus pandemic. (Photo : Sean Gallup/Getty Images)

In response to the incident, CISA advised enterprises to study a Feb.29 alert warning of actively exploiting Ivanti Connect Secure and Ivanti Policy Secure gateway vulnerabilities. The vulnerabilities are CVE-2023-46805, 2024-21887, and 2024-21893.

“This is a reminder that any organization can be affected by a cyber vulnerability, and having an incident response plan in place is a necessary component of resilience,” the CISA spokesperson noted.

The CISA is a…

Source…

Leicester City Council systems shut down after 'cyber incident' – BBC



Leicester City Council systems shut down after ‘cyber incident’  BBC

Source…