#rapid7

World's first #CPU-level #ransomware can "bypass every freaking traditional technology we have out there" — new #firmware-based attacks could usher in new era of unavoidable ransomware
Beek, #Rapid7's senior director of threat analytics, revealed that an AMD Zen chip bug gave him the idea that a highly skilled attacker could in theory "allow those intruders to load unapproved #microcode into the processors, breaking encryption at the hardware level and modifying CPU behavior at will."
tomshardware.com/pc-components

Tom's Hardware · World's first CPU-level ransomware can "bypass every freaking traditional technology we have out there": new firmware-based attacks could usher in new era of unavoidable ransomware. By Stephen Warwick

JetBrains tries to save face by responding to Rapid7's blog post with clarifications. It comes off accusatory and defends their attempt to silently patch. cc: @catc0n @campuscodi @serghei @jgreig
🔗 blog.jetbrains.com/teamcity/20

To reiterate, we never had any intention to release a fix silently without making the full details public. As a CVE Numbering Authority (CNA), we assigned CVE IDs for both issues a day after receiving the report.

We suggested disclosing the details of the vulnerabilities in the same way we have followed in the past (with a time delay between releasing a fix and making a full disclosure), which allows our customers to upgrade their TeamCity instances.

This suggestion was rejected by the Rapid7 team who published full details of the vulnerabilities (and how to exploit them) a few hours after we had released a fix to TeamCity customers.

The JetBrains Blog · Insights and Timeline: Our Approach to Addressing the Recently Discovered Vulnerabilities in TeamCity On-Premises | The TeamCity Blog. This is a follow-up to the vulnerability announcement we published on March 4, 2024. It’s important that we properly communicate the timeline for fixing the CVE-2024-27198 and CVE-2024-27199 vulner

Rapid7 provides technical analyses into JetBrains TeamCity vulnerabilities CVE-2024-27198 and CVE-2024-27199, both of which they consider to be authentication bypasses. They provide what are effectively Proofs of Concept, even if the words "poc" or "proof" aren't used. Rapid7 notes what an indicator of compromise would appear as for CVE-2024-27198. Timeline has an interesting exchange between JetBrains and Rapid7 regarding silent patching.
🔗 rapid7.com/blog/post/2024/03/0

cc: @ntkramer @catc0n

Rapid7 · CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED) | Rapid7 Blog

We lost a bunch of really great folks at #Rapid7 today — but our loss can and absolutely SHOULD be your gain. If you are hiring, hire these people. They are smart, they are dedicated, they are with very few exceptions unfailingly kind and always working to make the industry better. They don't talk shit, they get shit done. That's pretty rare in this industry.

The snide comments I've seen here and there do a disservice to a lot of supremely talented, genuinely good-hearted people in a tough spot. Please don't listen to folks who are intent on spreading negativity — help good folks who are in need, and not-so-incidentally will be great for your business! <3

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #31/2023 is out! It includes the following and much more:

🐛 ✂️ Researchers Uncover New High-Severity #Vulnerability in #PaperCut Software
🇮🇱 🦠 #Israel cybersecurity agency says no breach after senior official self-infects home PC with #malware
🇺🇸 CISA’s strategic plan adheres to overall Biden administration direction on cybersecurity
🩹 ❌ Top 12 vulnerabilities list highlights troubling reality: many organizations still aren’t #patching
🐬 🔓 Hacking tool #FlipperZero tracked by intelligence agencies, which fear white nationalists may deploy it against power grid
🔥 🔓 Hundreds of #Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
⚡🔓 Researchers jailbreak a #Tesla to get free in-car feature upgrades
🏭 📊 Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023
🇷🇺 👥 Russian hackers target govt orgs in #Microsoft Teams #phishing attacks
🩹 🔓 #Rapid7 found a bypass for the recently patched actively exploited #Ivanti EPMM bug
🙈🔓 #Tenable CEO accuses Microsoft of negligence in addressing security flaw
🎣 📨 Hackers exploited #Salesforce zero-day in #Facebook phishing attack
🇺🇸 ☁️ US internet hosting company appears to facilitate global #cybercrime, researchers say
🇨🇳 🇪🇺 #China's #APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
🦠 💸 Schools Are Now the Leading Target for Cyber Gangs as Ransom Payments Encourage Attacks
🇺🇸 🇨🇳 Possible Chinese Malware in US Systems - a ‘Ticking Time Bomb’
🇮🇹 🏦 Cybercriminals Renting #WikiLoader to Target Italian Organizations with Banking Trojan
🇺🇸 🇨🇳 Microsoft downplays damaging report on Chinese hacking its own engineers vetted
🇯🇴 💬 #Jordan adopts cybercrime law seen as threat to #freespeech
🇪🇬 🏥 Hacker Claims to Have Stolen Sensitive Medical Records from #Egypt's Ministry of Health
🔓 💰 #BankCard USA surrenders and pays #ransom

📚 This week's recommended reading is: "Art of Software Security Assessment, The: Identifying and Preventing Software Vulnerabilities" by Mark Dowd, John McDonald, and Justin Schuh

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

infosec-mashup.santolaria.net/

X’s Infosec Newsletter · InfoSec MASHUP - Week 31/2023. By Xavier «X» Santolaria