Security Leftovers
-
Chinese APT Uses New ‘Stack Rumbling’ Technique to Disable Security Software
A subgroup of China-linked hacker group APT41 is using a new ‘stack rumbling’ DoS technique to disable security software.
-
Exploitation of BGP Implementation Vulnerabilities Can Lead to Disruptions
Open source BGP implementation FRRouting is affected by three vulnerabilities that can be exploited to cause disruption via DoS attacks.
-
SolarWinds Detected Six Months Earlier
New reporting from Wired reveals that the Department of Justice detected the SolarWinds attack six months before Mandiant detected it in December 2020, but didn't realize what they detected... and so ignored it.
WIRED can now confirm that the operation was actually discovered by the DOJ six months earlier, in late May 2020, but the scale and significance of the breach wasn't immediately apparent. Suspicions were triggered when the department detected unusual traffic emanating from one of its servers that was running a trial version of the Orion software suite made by SolarWinds, according to sources familiar with the incident. The software, used by system administrators to manage and configure networks, was communicating externally with an unfamiliar system on the internet. The DOJ asked the security firm Mandiant to help determine whether the server had been hacked. It also engaged Microsoft, though it’s not clear why the software maker was also brought onto the investigation...
-
Netflix MH370: The plane that wasn’t hacked
I’m a sucker for a good documentary, but the recent Netflix MH370 piece had me shouting at the screen.
-
Europol-led operation leads to arrest of 288 dark web vendors
A joint operation coordinated by the European Union Agency for Law Enforcement Cooperation, with support from the U.S. Federal Bureau of Investigation, has resulted in the arrest of 288 dark web vendors. The operation, code-named 'SpecTor,' resulted from the previously unknown seizure of a dark web marketplace called Monopoly Market in December 2021.