Tag Archive for: model

Ivanti CEO pledges to “fundamentally transform” its hard-hit security model



Ivanti, the remote-access company whose products have been battered by severe exploits in recent months, has pledged a “new era,” one that “fundamentally transforms the Ivanti security operating model,” backed by “a significant investment” and full board support.

CEO Jeff Abbott’s open letter promises to revamp “core engineering, security, and vulnerability management,” make all products “secure by design,” formalize cyber-defense agency partnerships, and commit to “sharing information and learning with our customers.” Among the details is the company’s promise to improve search abilities in Ivanti’s security resources and documentation portal, “powered by AI,” and an “Interactive Voice Response system” for routing calls and alerting customers about security issues, also “AI-powered.”

Ivanti CEO Jeff Abbott addresses the company’s “broad shift” in its security model.

Ivanti and Abbott seem to have been working on this presentation for a while, so it’s unlikely they could have known it would arrive just days after four new vulnerabilities were disclosed for its Connect Secure and Policy Secure gateway products, two of them rated high severity. Those vulnerabilities came two weeks after two other vulnerabilities, rated critical, that allowed remote code execution. And those followed “a three-week spree of non-stop exploitation” in early February, one that left security directors scrambling to patch and restore services or, as federal civilian agencies did, rebuild their servers from scratch.

Because Ivanti makes VPN products that have been widely used in large organizations, including government agencies, it’s a rich target for threat actors and a target that’s seemed particularly soft in recent years. Ivanti’s Connect Secure, a VPN appliance often abbreviated as ICS, functions as a gatekeeper that allows authorized devices to connect.

Due to its wide deployment and always-on status, an ICS has been a…

Source…

MOVEit hackers may have found simpler business model beyond ransomware


A notorious cyber extortion gang’s latest plot is fueling concern that ransomware actors may have hit upon a simpler and just-as-lucrative business model than their traditional methods of demanding payment from victims in exchange for the release of their computer systems.

The Russian-speaking hacker group Cl0p confirmed it exploited a zero-day vulnerability in the popular MOVEit file transfer program and stole data from a growing number of victims, exposing the personal information of many millions of people worldwide.

It’s Cl0p’s third and largest hack of file-transfer software, which is designed to securely facilitate an organization’s transmission of sensitive data. More alarmingly, it’s also the third time it has simply demanded payment not to release data rather than demanding a ransom to decrypt a victim’s system.

“It’s sort of a new business model for them,” said Huntress senior researcher John Hammond, who helped find the zero-day exploit Cl0p used to trick MOVEit’s database into executing the gang’s commands. Hammond said the latest extortion method is easier to implement.

“You don’t need to encrypt the hard drive,” he said. 

Hammond and others warn that we should expect to see additional attacks in the future targeting file-transfer software in particular, as well as other data-rich tools such as document management programs.

“It’s been quite productive,” said Bert Kondruss, founder of cybersecurity firm Kon Briefing. “I’m pretty sure they will concentrate on this.” 

Scouring regulatory filings, public statements and other sources, Kondruss has compiled an unofficial list of 128 victims so far. Hammond, Kondruss and others expect many more. 

Analysts say the bulk of the attacks occurred over the Memorial Day weekend in the United States when staffing was minimal.  

The hacking group began publishing the names of its victims earlier this month after demanding payments from them, including the University of California, Los Angeles, Siemens Energy and three others reported on Monday. Cl0p continues to post updates that claim to detail new victims on a daily basis.

“The company doesn’t care about its customers, it ignored their security!!!” the hackers wrote on their…

Source…

Hackers win Tesla Model 3 at security competition with $530,000 exploit


Despite these flaws, the researchers noted that Tesla is doing an excellent job of making the car difficult to hack by putting in place a sophisticated system of sandboxes, which isolates components and makes it more difficult to gain greater privileges by simply breaking into one of them.

TOCTOU attack

The Synacktiv team demonstrated two different exploits. First, it took them less than two minutes to compromise the Model 3’s Gateway system, which serves as the energy management interface for communication between Tesla vehicles and Tesla Powerwalls.

They inserted the required malicious code using a Time of Check to Time of Use (TOCTOU) attack, a strategy that takes advantage of the brief interval between when a computer examines something like a security credential and when it really uses it.

For safety reasons, they weren’t hacking a genuine Model 3, but they would have been able to open the front hood and doors of the vehicle even while it was moving.

Source…

Hackers expose key vulnerabilities in a Tesla Model 3


As we’ve learned over the past few years, almost anything that connects to the internet, uses Bluetooth or any other wireless protocols, or simply has a computer chip inside can be hacked—and that includes cars. There are just too many potential vulnerabilities across all these surfaces for hackers to exploit, and every time there’s a software update, there is a chance that new ones get introduced even as the old ones are patched out. (Seriously, keep your software up-to-date, though. It’s the best way to stay as secure as possible.)

With that in mind, researchers from French security firm Synacktiv have won $530,000 and a Tesla Model 3 at Pwn2Own Vancouver, a security competition where “white hat” hackers and security researchers can win the devices with previously unknown vulnerabilities (that they discover and exploit)—plus a cash prize.

The team from Synacktiv demonstrated two separate exploits. In the first, they were able to breach the Model 3’s Gateway system, the energy management interface that communicates between Tesla cars and Tesla Powerwalls, in less than two minutes. They used a Time of Check to Time of Use (TOCTOU) attack, a technique that exploits the small time gap between when a computer checks something like a security credential and when it actually uses it, to insert the necessary malicious code. For safety reasons, they weren’t hacking a real Model 3, but they would have been able to open the car’s doors and front hood, even while it was in motion. 

The second exploit allowed the hackers to remotely gain root (or admin) access to the mock Tesla’s infotainment system and from there, to gain control of other subsystems in the car. They used what’s known as a heap overflow vulnerability and an out-of-bounds write error in the Bluetooth chipset to get in. Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative (ZDI), told Dark Reading, “The biggest vulnerability demonstrated this year was definitely the Tesla exploit. They went from what’s essentially an external component, the Bluetooth chipset, to systems deep within the vehicle.” 

According to TechCrunch, Tesla contends that all the…

Source…