Diğerleri

Iranian hackers breached US govt agency, deploy crypto miner

Nov 18, 2022 #www.audiophile.org

Iranian hackers breached US govt agency, deploy crypto miner

En İyi Ev Ses Sistemi, Ev Ses Sistemleri Online, müzik dinlemek için en iyi hoparlörler, ev stereo sistemi bileşenleri, Satılık Müzik Seti

An unnamed Iranian state-sponsored hacking group managed to compromise the endpoints belonging to an American Federal Civilian Executive Branch (FCEB) organization, and used its access to deploy a cryptocurrency miner.

The Cybersecurity and Infrastructure Agency (CISA) published the findings earlier this week. As per its report, CISA was brought in, in mid-June, to investigate suspicions of advanced persistent threat (APT) activity. 

Following a month-long investigation that ended in July 2022, the agency concluded that an Iranian state-sponsored threat actor managed to compromise an unpatched VMware Horizon server by leveraging the infamous log4j vulnerability, Log4Shell.

Patching VMware systems

The group used the access to install XMRig, a known cryptocurrency miner that uses the device’s computing power to generate Monero, a privacy-first cryptocurrency that’s almost impossible to track and trace.

The actors also moved laterally to the domain controller (DC), compromised credentials, and then implanted Ngrok reverse proxies, on several hosts, in order to maintain persistence on the network.

Following the release of these findings, CISA, together with the FBI, urged all organizations with similar VMware systems to apply the available patches immediately, or load known workarounds. 

Read more

> Check out the best malware protection services right now

> Log4j could be the most serious security threat ever seen, CISA head warns

> Log4Shell can hack your iPhone and even a Tesla

All organizations with affected VMware systems were told to “assume compromise” and initiate threat hunting activities.

“If suspected initial access or compromise is detected based on IOCs or TTPs described in this CSA, CISA and FBI encourage organizations to assume lateral movement by threat actors, investigate connected systems (including the DC), and audit privileged accounts,” the announcement reads. 

“All organizations, regardless of identified evidence of compromise, should apply the recommendations in the Mitigations section of this CSA to protect against similar malicious cyber activity.”

Log4Shell, which was first discovered late last year, was described by CISA director Jen Easterly as “one of the most serious, if not the most serious” vulnerability she’s ever seen.

  • Here are the best antivirus solutions right now

En İyi Ev Ses Sistemi,
Ev Ses Sistemleri Online,
müzik dinlemek için en iyi hoparlörler,
ev stereo sistemi bileşenleri,
Satılık Müzik Seti

stereoguide-referencehometheater-techradar

Related Post

Bluetooth Earphones Bluetooth Headphones Bluetooth Speakers DACs Diğerleri Earphones Mobile DAC Noise Cancelling Headphones Planar Headphones

DJ Dris Releases ‘Origins’ On Born Digital Music

May 15, 2024
Diğerleri

Google Search is getting a massive upgrade – including letting you search with video

May 15, 2024
Diğerleri

Ayn’s new gaming handheld looks like a PSP, and it might just fill the hole in your heart left by Sony’s best portable

May 15, 2024

Şu Ürünleri Kaçırmayın

Hi-Fi,

Ortofon’s New Concorde Music Cartridge Range Lands in Munich

15/05/2024
Hi-Fi, Amplifiers, Integrated Amplifiers , Applause Awards , 2024,

Synthesis Roma 753AC Integrated Amplifier Review

15/05/2024
Dijital Kablolar

Naim dc1 digital cable – 1.25 metre

15/05/2024
Analog Kaynaklar Bluetooth Earphones Bluetooth Headphones Bluetooth Speakers DACs Earphones Headphones Hifi Haberleri

Aiwa SP-A100 Raf tipi Hoparlör

15/05/2024