
Ransomware operators successfully exploit old vulnerabilities

Some problems have been known for almost ten years, and patches from developers have long been available for download and installation.

Qualys specialists reported on ransomware operators who successfully exploit old vulnerabilities in popular software.

The experts analyzed the Common Vulnerabilities and Exposures (CVE) database and identified the vulnerabilities most often exploited in cyber attacks by ransomware groups. Some problems have been known for almost ten years, and patches from developers have long been available for download and installation. However, many organizations and companies still have not upgraded, exposing themselves to the risk of attacks.

The oldest exploited vulnerability reported by Qualys is CVE-2012-1723. The problem was discovered in 2012 and affects the Java Runtime Environment (JRE) component in Oracle Java SE 7. According to the researchers, attackers use it to install the Urausy ransomware. As the experts note, some companies have still not installed the fix after almost ten years.

Two other vulnerabilities popular among cybercriminals (CVE-2013-0431 and CVE-2013-1493) were discovered in 2013. The first affects the JRE and is used by the operators of the Reveton ransomware; the second is in Oracle Java and is exploited in Exxroute attacks. Patches for these problems have been publicly available for about eight years.

The Adobe Acrobat vulnerability (CVE-2018-12808) was discovered three years ago. It is used to deliver Ryuk and Conti ransomware through phishing emails. Old unpatched vulnerabilities are a favorite target of cybercriminals who work with resources accessible from the Internet. Analysis of the Conti ransomware shows that its operators target known vulnerabilities such as Zerologon (CVE-2020-1472), PrintNightmare (CVE-2021-34527), and EternalBlue (MS17-010).

Chinese TikTok adds 5-second pauses between videos to combat addictions

5-second warning clips will remind you to “put the phone away” or “go to bed”.

Douyin, the Chinese “twin” of TikTok owned by the same company, ByteDance, is introducing measures to counter its own algorithms, which are tuned to hold users’ attention for as long as possible. Users who stay “stuck” in the application for too long will now be interrupted by forced pauses between clips, the South China Morning Post reports.

The social network is adding five-second pauses between videos that cannot be skipped. During these pauses, users will be forced to watch clips reminding them to “put the phone away” or “go to bed”, or that there is “work tomorrow”. The clips will appear when the user spends too much time in the application.

Douyin had already limited video viewing before; those changes affected its younger audience. Teenagers under 14 were allowed to watch videos for a maximum of 40 minutes a day and were also barred from entering the application from 10 pm to 6 am.

Trump’s social network developers accused of illegal use of program code

The Software Freedom Conservancy claims Trump Media and Technology Group copied the open source code of the decentralized social network Mastodon and created a new social network based on it.

The Software Freedom Conservancy (SFC), a not-for-profit organization that enforces the rights of open source software developers and the rules for using open licenses, has accused the developers of Trump’s social network, Truth Social, of violating the AGPLv3 license.

The Software Freedom Conservancy says that the developers of the service used the open source code of the decentralized social network Mastodon in violation of the license agreement.

Although the Mastodon code is free and open, projects that use it must comply with the terms of the Affero General Public License (AGPLv3), which include making the project’s source code available to all of its users. Trump’s media company does not yet offer this to TRUTH Social users and calls the social network a proprietary development.

The Software Freedom Conservancy gave Trump Media and Technology Group 30 days to correct this, writes The Verge. Otherwise, the company will be prohibited from using the open source Mastodon code.

Facebook end-to-end encryption will give foreign intelligence services surveillance capabilities

Former Facebook employee Frances Haugen criticized the company’s decision to move correspondence in its services to end-to-end encryption.

The introduction of end-to-end encryption in Facebook’s messengers could negatively affect the privacy of users and lead to increased surveillance by intelligence agencies. This opinion was expressed by a former employee of Mark Zuckerberg’s company, Frances Haugen, TASS reports.

According to her, after encryption is launched in the Messenger application and on the social network Instagram, both owned by Facebook, the company will lose the ability to track possible “malicious operations of special services representatives.” “End-to-end encryption will allow Facebook to eliminate [from content moderation] and serve as an excuse for inaction,” Haugen said ahead of her October 25 speech in the British Parliament as part of discussions on the online security bill.

The social network itself does not agree with this point of view. In its opinion, the introduction of end-to-end encryption in the Facebook Messenger and Instagram applications is, on the contrary, aimed primarily at protecting the privacy of users and will protect them not only from foreign surveillance but also from hackers.
