Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times

Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times,

Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service (DDoS) attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1.
The attack vector – dubbed TP240PhoneHome (CVE-2022-26143) – has been weaponized to launch significant DDoS attacks targeting broadband access ISPs, financial

,

Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service (DDoS) attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1.
The attack vector – dubbed TP240PhoneHome (CVE-2022-26143) – has been weaponized to launch significant DDoS attacks targeting broadband access ISPs, financial

, ,
https://thehackernews.com/2022/03/hackers-abuse-mitel-devices-to-amplify.html

Critical Bugs Could Let Attackers Remotely Hack, Damage APC Smart UPS Devices

Critical Bugs Could Let Attackers Remotely Hack, Damage APC Smart UPS Devices,

Three high-impact security vulnerabilities have been disclosed in APC Smart-UPS devices that could be abused by remote adversaries as a physical weapon to access and control them in an unauthorized manner.
Collectively dubbed TLStorm, the flaws « allow for complete remote takeover of Smart-UPS devices and the ability to carry out extreme cyber-physical attacks, » Ben Seri and Barak Hadad,

,

Three high-impact security vulnerabilities have been disclosed in APC Smart-UPS devices that could be abused by remote adversaries as a physical weapon to access and control them in an unauthorized manner.
Collectively dubbed TLStorm, the flaws « allow for complete remote takeover of Smart-UPS devices and the ability to carry out extreme cyber-physical attacks, » Ben Seri and Barak Hadad,

, ,
https://thehackernews.com/2022/03/critical-bugs-could-let-attackers.html

The Incident Response Plan – Preparing for a Rainy Day

The Incident Response Plan – Preparing for a Rainy Day,

The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening. 
Just as it wasn’t raining when Noah built the ark, companies must face the fact

,

The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening. 
Just as it wasn’t raining when Noah built the ark, companies must face the fact

, ,
https://thehackernews.com/2021/06/the-incident-response-plan-preparing.html

Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant

Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant,

APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications.
The exploited vulnerabilities included « a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in

,

APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications.
The exploited vulnerabilities included « a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in

, ,
https://thehackernews.com/2022/03/chinese-apt41-hackers-broke-into-at.html

Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses

Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses,

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems.
Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to « an unauthenticated attacker gaining root on these devices. »
Pascom Cloud Phone System is an

,

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems.
Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to « an unauthenticated attacker gaining root on these devices. »
Pascom Cloud Phone System is an

, ,
https://thehackernews.com/2022/03/critical-rce-bugs-found-in-pascom-cloud.html

Ukraine : le cyberespace occidental se met en alerte maximale

Ukraine : le cyberespace occidental se met en alerte maximale,

Les agences gouvernementales craignent des attaques sur les infrastructures critiques. Toutes les organisations sont invitées à vérifier leurs protections.

,

Les agences gouvernementales craignent des attaques sur les infrastructures critiques. Toutes les organisations sont invitées à vérifier leurs protections.

, ,
https://www.01net.com/actualites/ukraine-le-cyberespace-occidental-se-met-en-alerte-maximale-2055438.html

Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms

Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms,

Microsoft’s Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others.
Of the total 71 patches, three are rated Critical and 68 are rated Important in severity. While none of the vulnerabilities are listed as actively exploited, three of them are publicly known

,

Microsoft’s Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others.
Of the total 71 patches, three are rated Critical and 68 are rated Important in severity. While none of the vulnerabilities are listed as actively exploited, three of them are publicly known

, ,
https://thehackernews.com/2022/03/critical-security-patches-issued-by.html

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices,

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.
The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP’s UEFI firmware. The variety of devices affected includes HP’s laptops, desktops, point-of-sale

,

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.
The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP’s UEFI firmware. The variety of devices affected includes HP’s laptops, desktops, point-of-sale

, ,
https://thehackernews.com/2022/03/new-16-high-severity-uefi-firmware.html

Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks

Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks,

A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia’s invasion of Ukraine.
Google’s Threat Analysis Group (TAG) said it took down two Blogspot domains that were used by the nation-state group FancyBear (aka APT28) – which is attributed to Russia’s GRU military

,

A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia’s invasion of Ukraine.
Google’s Threat Analysis Group (TAG) said it took down two Blogspot domains that were used by the nation-state group FancyBear (aka APT28) – which is attributed to Russia’s GRU military

, ,
https://thehackernews.com/2022/03/google-russian-hackers-target.html

Google Buys Cybersecurity Firm Mandiant for $5.4 Billion

Google Buys Cybersecurity Firm Mandiant for $5.4 Billion,

Google is officially buying cybersecurity company Mandiant in an all-cash deal approximately valued at $5.4 billion, the two technology firms announced Tuesday.
Mandiant is expected to be folded into Google Cloud upon the closure of the acquisition, which is slated to happen later this year, adding to the latter’s growing portfolio of security offerings such as BeyondCorp Enterprise, VirusTotal,

,

Google is officially buying cybersecurity company Mandiant in an all-cash deal approximately valued at $5.4 billion, the two technology firms announced Tuesday.
Mandiant is expected to be folded into Google Cloud upon the closure of the acquisition, which is slated to happen later this year, adding to the latter’s growing portfolio of security offerings such as BeyondCorp Enterprise, VirusTotal,

, ,
https://thehackernews.com/2022/03/google-buys-cybersecurity-firm-mandiant.html