Security Leftovers
-
Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks
Tracked as CVE-2023-20269 (CVSS score of 5.0, medium severity), the issue exists in the remote access VPN feature of Cisco ASA and FTD and can be exploited remotely, without authentication, in brute force attacks.
“This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features,” Cisco explains in an advisory.
-
How we built a secure RDP client
By deliberately implementing a naive client and not leveraging a feature-packed solution like FreeRDP, our initial releases lacked initial support for a lot of features that people have come to expect from remote desktop solutions - bidirectional copy/paste, file sharing, etc. Our decision to use the web browser as the user-facing client meant that we don’t have access to system resources in the way that a native client would.
-
You Need to Update Your iPhone, Right Now
Apple has just released a security update warning iPhone users to update their phones to iOS 16.6.1 to avoid becoming the target of a vicious malware attack.
The exploit is called Blastpass and uses Pegasus spyware from NSO Group to read a target’s text messages, view their photos, and listen to calls. The malware was discovered by the Citizen Lab in the Munk School of Global Affairs & Public Policy at the University of Toronto, with researchers notifying Apple of the “zero-click, zero-day” exploit. Citizen Lab first spotted Blastpass on the phone of an unnamed Washington D.C. employee at a civil society organization with international offices. Blastpass can attack any phone running iOS 16.6 “without any interaction from the victim,” says Citizen Lab.
-
News Roundup: Behind the Voting Machine Breaches
Special Counsel Jack Smith’s ongoing investigation into 2020 election subversion is now focusing on voting machine breaches in four swing states — Arizona, Georgia, Michigan, and Pennsylvania — according to reporting from CNN this week.
American Oversight has been investigating efforts by activists in each of these states to overturn the election results, and the evidence we’ve uncovered has been helping to drive accountability. The new CNN report cited records we obtained that show these efforts involved election deniers from around the country — including Sidney Powell, whose nonprofit Defending the Republic has close ties to election-undermining efforts in Pennsylvania and Arizona. Powell has been identified as a co-conspirator in the DOJ’s indictment of Donald Trump, and she was charged in Fulton County, Georgia.
-
CNN Exclusive: Special counsel election probe continues with focus on fundraising, voting equipment breaches
According to invoices obtained by CNN, Powell’s non-profit, Defending the Republic, hired forensics firms that ultimately accessed voting equipment in four swing states won by Biden: Georgia, Pennsylvania, Michigan and Arizona.
Powell faces criminal charges in Georgia after she was indicted last month by Atlanta-area district attorney Fani Willis, who alleges that Powell helped coordinate and fund a multi-state plot to illegally access voting systems after the 2020 election.
-
New charges filed against Trickbot ransomware gang
The charges, filed yesterday, reveal the actual identities of the criminals, who will probably never see a courtroom, let alone a prison, anywhere in the world. Nevertheless, they represent a continued law enforcement effort to bring international cyber criminals to justice and disrupt their operations.