Emergency Zero-Day Exploit threatens Cisco switches running IOS XE

Submitted by data-doctor on Tue, 10/17/2023 - 03:02

43.3% of the world runs on Cisco switches. 80,000 devices are potentially at risk from a zero-day exploit active on switches running IOS XE. The vulnerability grants hackers superadmin privileges on the switch.

This crisis is rated at the highest threat level.
The implant is saved in the file path “/usr/binos/conf/nginx-conf/cisco_service.conf.” It contains two variable strings of hexadecimals.

You can check if the implant is running using the command line interface, where the "DEVICEIP" portion is a placeholder for the IP address of the device to check:

curl -k -X POST "https://DEVICEIP/webui/logoutconfirm.html?logon_hash=1"

Learn more at Ars Technica with Dan Goodin.

SprySOCKS malware targets Linux systems

Submitted by data-doctor on Tue, 09/19/2023 - 03:09

There's a new malware targeting cryptocurrency enthusiasts and gamblers. It's been going after Windows users, but it now has a Linux variant.
The payload is typically delivered through a phishing e-mail or message that directs to a compromised site.

"SprySOCKS implements the usual backdoor capabilities, including collecting system information, opening an interactive remote shell for controlling compromised systems, listing network connections, and creating a proxy based on the SOCKS protocol for uploading files and other data between the compromised system and the attacker-controlled command server."

Learn more at Ars Technica with Dan Goodin.

"US copyright law protects only works of human creation"

Submitted by data-doctor on Tue, 08/22/2023 - 00:14

The philosophical question is "Can an AI make art?" Are AIs truly creative, or do they steal techniques from other artists? Artificial creators analyze millions of images from other artists, so are their creations unique? Does the machine's process duplicate what humans do when they learn about art? Humans study past art for inspiration. Human artists tend to develop a style or styles that define the scope of their work.

So does the work of a human have more value than the work of an AI? I don't think there's an easy answer to that question. People have vastly different systems of value that may preference art made by machines, but copyright law was made to protect humans and to preserve the value of their creations. If AIs become citizens, maybe they will qualify for protections. According to this early but pivotal case, only human creations can be copyrighted.

Read Ars Technica on this pivotal case defending the value of human creativity.

Personal Data Compromised for Millions in Oregon and Louisiana

Submitted by data-doctor on Fri, 06/16/2023 - 12:23

A cyberattack on Oregon and Louisiana driver's license databases could lead to identity theft and worse as personal information from millions of people may have been stolen. While the company responsible for the software claims the vulnerability has been patched, it's clear that other targets may have been compromised with an attack through the file-transfer system. Once again, we are reminded that no security system is foolproof, and that we need to work harder to protect people's personal data.

Read more about the latest cyberattack on driver's license databases in Oregon and Louisiana.

Critical Vulnerability patch for Windows Zero-Day: CVE-2023-23397

Submitted by data-doctor on Wed, 03/15/2023 - 00:23

What if you could subvert Microsoft Outlook by sending a carefully-crafted e-mail? That's what Microsoft patched today (3/15/2023). You don't even have to open the e-mail for the corrupt code to execute. All you have to do is open Outlook, or potentially Mail. There are several other critical vulnerabilities that Tuesday's patches remediate. Please make sure your Windows operating system is up-to-date with all current patches.

Read more about the issue on Dark Reading.


Is your ESXi patched? 2/7/2023

Submitted by data-doctor on Tue, 02/07/2023 - 17:53

Are you running VMware ESXi? It's time to patch. If you haven't installed the two-year-old patch for CVE-2021-21974, you need to do it now. It's common that administrators patch OS vulnerabilities, but neglect to patch ESXi itself, because that may require taking critical systems offline. Because so many ESXi servers are unpatched, this attack has infected thousands of systems worldwide. It's ransomware that can theoretically take down all of your virtual machines. Here's coverage from Ars Technica:

Hackers are mass infecting servers worldwide by exploiting a patched hole


Moving to Mastodon

Submitted by data-doctor on Sun, 11/20/2022 - 00:57

Did you leave Twitter? Did you migrate to the Mastodon commons? It looks a lot like Twitter, but it's a distributed network that isn't collecting your data or marketing products. It's not a company, it's a non-profit, open source, federated social media service. Will Mastodon be able to welcome former tweeters and can admins change the "toot" button to "bellow?"

Read WIRED on the Great Migration