I donate to Mozilla every month and will continue to do so, regularly.
The story making its rounds on Mastodon and the Fediverse, is one that was often shared on Twitter, by haters of Mozilla and Firefox. By a "libertarian" with both a political and personal agenda.
Pay it no mind, it is the same nonsense every year. 🙄
Cisco security advisory contains a zero-day: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. CVE-2023-20275 (4.1 medium severity). The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. The Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.
🔗 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-Y88QOm77
Ukraine’s power grid operator has surreptitiously imported custom-built equipment designed to withstand Russian electronic warfare attacks with the help of US officials.
Engineers at US tech giant Cisco spent weeks building and stress-testing the new gear in a lab in Austin, Texas, and delivered a prototype to Ukraine in the spring with the help of a US Air Force plane carrying humanitarian aid, according to #Cisco.
Technology giant Cisco, with the support of the Pentagon, has supplied Ukrenergo— Ukrainian State Electricity Transmission System Operator—with special equipment to help it withstand cyberattacks.
Bereit für KI: Deutsche Unternehmen noch nicht abgehängt
Die deutschen Unternehmen sind bei KI bislang nicht abgehängt. Zeitnahe Investitionen werden darüber entscheiden sein, wo Deutschland zukünftig stehen wird.
🧵 European Data Protection Supervisor decision on Cisco Webex: How it started
@Curia asked the EDPS for an authorisation of data transfers that occur in the use of #Cisco#Webex (prior to US adequacy decision of the EC). @EDPS clarifies the scope on page 1 as follows:
"This Decision is NOT a general endorsement nor certification of data protection compliance of the videoconferencing services provided by any Cisco Webex entity."
Nach Internetausfall: Optus war unvorbereitet und zeigt mit dem Finger auf Cisco
Der massive Internetausfall in Australien geht laut dem Provider auf eine unerwartete Abschaltung von Cisco-Routern zurück. Darauf war man nicht vorbereitet.
Nach Internetausfall: Optus war unvorbereitet und zeigt mit dem Finger auf Cisco
Der massive Internetausfall in Australien geht laut dem Provider auf eine unerwartete Abschaltung von Cisco-Routern zurück. Darauf war man nicht vorbereitet.
Luckily for all 5 security advisoriies: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
A bit of an unofficial post-mortem on #Optus#outage yesterday (please BOOST for visibility!) I have no insider knowledge, all I can do is look at what Optus's networking gear told the rest of the world through #BGP, and make some informed guesses based on that.
The problem yesterday started at about 4am, when Optus told the world 'I no longer have any internet connectivity', and 'Do not send any internet traffic to me, at all'. The technical description is that they withdrew ALL of their routes from the #DFZ (Which is "The Internet", as seen by all the core routers that ACTUALLY control the internet).
However, as a precursor at about 3am there was a hint that things weren't perfect, as there was a flurry of changes from Optus to the outside world saying, roughly, 'Something has changed inside my network, but you can still keep sending me stuff'.
Now, as two final bits of possibly relevant information, the default for maximum-prefix on #Cisco#ASR9000 is 1048576 (this number is 'the number of routes that can be accepted by this router'), and MOST IMPORTANTLY the DFZ ("the internet") has about 980,000 routes in it at the moment. That's only 90k odd routes LESS than the default maximum.
I'd be amazed if Optus has less than 100k internal routes that aren't visible to the internet, but are visible internally.
So here's what I think happened. The at 3am, the first core #router was upgraded, and a new config was put in place. This did not join the network correctly, and things were half broken. What SHOULD have happened is that all the changes should have stopped, and either rolled back, or waited for further investigation (the cause being that more than 1mil routes were visible, causing it to shut down)
However, someone decided 'Well, maybe if we upgrade the SECOND one, that'll fix the first one' at 4am. That broke the SECOND one, and took Optus completely off the internet.
(Continued, see next for why this is far worse than it should have been)
In case you missed it (because I did): On 02 November, Cisco updated their blog post about the actively exploited zero-days CVE-2023-20198 and CVE-2023-20273, stating that they identified a new version of the implant, now called BadCandy, and added expected response from the new version of the implant against one of the HTTP requests used to check for infected device. Link:https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #43/2023 is out! It includes the following and much more:
➝ 🇺🇸 🎰 Hackers that breached Las Vegas casinos rely on violent threats, research shows
➝ 🔓 🇺🇸 University of Michigan employee, student data stolen in #cyberattack
➝ 🔓 #1Password discloses security incident linked to #Okta breach
➝ 🇺🇸 Cyber attacks hit NY state #casino operation, two Hudson Valley hospitals
➝ 🇺🇸 🗳️ D.C. Board of Elections: Hackers may have breached entire voter roll
➝ 🔓 🇮🇪 Thousands of drivers have sensitive data exposed to hackers in major IT #breach
➝ 🇷🇺 📨 Pro-Russia hackers target inboxes with #0day in webmail app used by millions
➝ 🇫🇷 🇷🇺 #France says Russian state hackers breached numerous critical networks
➝ 🇳🇬 Nigerian Police dismantle #cybercrime recruitment, mentoring hub
➝ 🇵🇸 💸 #Palestine#crypto donation scams emerge amid Israel-Hamas war
➝ 🇪🇸 👮🏻♂️ #Spain arrests 34 #cybercriminals who stole data of 4 million people
➝ 🇨🇦 🇨🇳 #Canada: Lawmakers Targeted by China-Linked ‘#Spamouflage’ Disinformation
➝ 🇺🇸 🇷🇺 Ex-NSA Employee Pleads Guilty to Leaking Classified Data to #Russia
➝ 🦠 🇰🇵 N. Korean #Lazarus Group Targets Software Vendor Using Known Flaws
➝ 🦠 🇮🇷 Iranian Group #Tortoiseshell Launches New Wave of IMAPLoader #Malware Attacks
➝ 🦠 🪰 #StripedFly malware framework infects 1 million #Windows, #Linux hosts
➝ 🦠 📱 #iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation
➝ 🔓 📱 #Samsung Galaxy S23 hacked two more times at #Pwn2Own Toronto
➝ 🔓 Critical #OAuth Flaws Uncovered in #Grammarly, #Vidio, and #Bukalapak Platforms
➝ 🔓 🩺 Critical Flaw in NextGen's Mirth Connect Could Expose #Healthcare Data
➝ 🔓 #F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP
➝ 🔓 🍏 Hackers can force iOS and #macOS browsers to divulge #passwords and much more
➝ 🩹 #Citrix warns admins to patch #NetScaler CVE-2023-4966 bug immediately
➝ 🔓 ✌🏻 #Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops
➝ 🔓 Critical RCE flaws found in #SolarWinds access audit solution
📚 This week's recommended reading is: "Click Here to Kill Everybody: Security and Survival in a Hyper-connected World" by Bruce Schneier
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
Cisco Fortifies Ukraine’s Power Grid Against Russian Cyber Aggression (mil.in.ua)
Technology giant Cisco, with the support of the Pentagon, has supplied Ukrenergo— Ukrainian State Electricity Transmission System Operator—with special equipment to help it withstand cyberattacks.