Adversaries are leveraging remote access tools now more than ever — here’s how to stop them

Remote system management/desktop access tools such as AnyDesk and TeamViewer have grown in popularity since 2020. While there are many legitimate uses for this software, adversaries are also finding ways to use them for command and control in their campaigns. There is no easy way to effectively...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Trustpoint Configuration Defaults

Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software can be configured for certificate authentication in remote access VPN deployments. An external researcher has identified several misconfigured Cisco ASA and FTD Software remote access devices where the...

Aussie govt emergency service hacked to send fake warning alerts

By Waqas A hacker managed to infiltrate Australian emergency warning system Early Warning Network EWN. The hacker accessed the system and sent countless messages to random citizens informing them that “you’ve been hacked.” However, the warning service’s managing director Kerry Plowright claims th...

USN-3183-1 gnutls26, gnutls28 vulnerabilities

Stefan Buehler discovered that GnuTLS incorrectly verified the serial length of OCSP responses. A remote attacker could possibly use this issue to bypass certain certificate validation measures. This issue only applied to Ubuntu 16.04 LTS. CVE-2016-7444 Shi Lei discovered that GnuTLS incorrectly...

USN-3181-1: OpenSSL vulnerabilities

Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were...