Tag Archive for: Units

How one of Vladimir Putin’s most prized hacking units got pwned by the FBI



FBI officials on Tuesday dropped a major bombshell: After spending years monitoring exceptionally stealthy malware that one of the Kremlin’s most advanced hacker units had installed on hundreds of computers around the world, agents unloaded a payload that caused the malware to disable itself.

The counter-hack took aim at Snake, the name of a sprawling piece of cross-platform malware that for more than two decades has been in use for espionage and sabotage. Snake is developed and operated by Turla, one of the world’s most sophisticated APTs, short for advanced persistent threats, a term for long-running hacking outfits sponsored by nation-states.

Inside jokes, taunts, and mythical dragons

If nation-sponsored hacking was baseball, then Turla would not just be a Major League team—it would be a perennial playoff contender. Researchers from multiple security firms largely agree that Turla was behind breaches of the US Department of Defense in 2008, and more recently the German Foreign Office and France’s military. The group has also been known for unleashing stealthy Linux malware and using satellite-based Internet links to maintain the stealth of its operations.

One of the most powerful tools in Turla’s arsenal is Snake, a digital Swiss Army knife of sorts that runs on Windows, macOS, and Linux. Written in the C programming language, Snake comes as a highly modular series of pieces that are built on top of a massive peer-to-peer network that covertly links one infected computer with another. Snake, the FBI said, has to date spread to more than 50 countries and infected computers belonging to NATO member governments, a US journalist who has covered Russia, and sectors involving critical infrastructure, communications, and education.

A short list of Snake capabilities includes a backdoor that allows Turla to install or uninstall malware on infected computers, send commands, and exfiltrate data of interest to the Kremlin. A professionally designed piece of software, Snake uses several layers of custom encryption to encrypt commands and exfiltrated data….

Source…

Critical Remote Hack Flaws Found in Dataprobe’s Power Distribution Units



The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an industrial control systems (ICS) advisory warning of seven security flaws in Dataprobe’s iBoot-PDU power distribution unit product, mostly used in industrial environments and data centers.

“Successful exploitation of these vulnerabilities could lead to unauthenticated remote code execution on the Dataprobe iBoot-PDU device,” the agency said in a notice.

Credited with disclosing the flaws is industrial cybersecurity firm Claroty, which said the weaknesses could be remotely triggered “either through a direct web connection to the device or via the cloud.”


iBoot-PDU is a power distribution unit (PDU) that provides users with real-time monitoring capabilities and sophisticated alerting mechanisms via a web interface so as to control the power supply to devices and other equipment in an OT environment.


The vulnerabilities assume new significance when taking into consideration the fact that no fewer than 2,600 PDUs are accessible on the internet, with Dataprobe devices accounting for nearly a third of those exposed, according to a 2021 report from attack surface management platform Censys.

Claroty’s analysis of the PDU firmware shows that the product is crippled by issues ranging from command injection to path traversal flaws, exposing customers to severe security risks:

  • CVE-2022-3183 (CVSS score: 9.8) – A command injection vulnerability stemming from a lack of sanitization of user input
  • CVE-2022-3184 (CVSS score: 9.8) – A path traversal vulnerability that enables access to an unauthenticated PHP page, which could be abused to insert malicious code

Successful remote exploitation of the flaws “puts an attacker within arm’s length of disrupting critical services by cutting off electric power to the device and subsequently, anything plugged into it,” Claroty researcher Uri Katz said.


The other five uncovered vulnerabilities (from CVE-2022-3185 through CVE-2022-3189) could be weaponized by a bad actor to access the device’s main management page from the cloud and even trick the server into connecting to arbitrary internal or external systems (aka SSRF), potentially leaking sensitive information.


“Even…

Source…

AITX’s Subsidiary Robotic Assistance Devices Shipping an Additional 14 Units on New Letter of Intent from Major Casino Operator





Large Deployment Expected to Begin in July

Detroit, Michigan, June 22, 2022 (GLOBE NEWSWIRE) — Artificial Intelligence Technology Solutions, Inc., (OTCPK:AITX), today announced that its wholly owned subsidiary Robotic Assistance Devices, Inc. (RAD) has received a Letter of Intent from a regional casino operator for a large quantity of RAD devices. The expected receipt of this order had been previously acknowledged in a press release in late April of this year.

The Company stated that the Letter of Intent is for a minimum of 12 ROSA security units, 1 SCOT stationary tower, and 1 ROAMEO mobile security robot. The agreement is structured so as to allow the client to increase the number of units on order without the need to re-engage their purchasing process. It is expected that deployments will begin in July 2022. The client may choose to be identified in the future as well as participate in a case study since the RAD devices will be in public view.

“Persistence pays off. At RAD we grind until we get the win,” said Mark Folmer, President of RAD. “This client has certainly done their due diligence. I have great respect for their partner qualification process. We’ve gone through similar procedures to ensure that every box is checked when a client is looking at RAD.”

“This is going to be such a great deployment,” said Steve Reinharz, CEO of AITX and RAD. “It’s a picture-perfect commercial deployment, with multiple ROSAs keeping an eye on the facility and their guests, a SCOT at the main entrance providing valuable information and security, plus a ROAMEO on patrol between the parking structure and the front entrance. We expect that these quantities could double in the coming months, at this one location.”

RAD’s parent company AITX has filed for uplisting to the OTCQB. Future announcements will be made regarding the status of the OTCQB application.

ROSA is a compact, self-contained, portable, security and communication solution that can be deployed in about 15 minutes. Like other RAD solutions, it only requires power as it includes all necessary…

Source…

Security workers called in to protect mobile vaccine units – The Durango Herald


GOLDEN – Security workers will accompany nurses and staff members of Jefferson County Public Health’s three mobile vaccine units for the foreseeable future after months of harassment and abuse.

Last weekend, the agency was forced to pull vans off the street after a driver in Gilpin County, who contracts Jefferson County’s health agency, drove toward and destroyed signs around the van. Others “verbally abused” staff members Sept. 4, said Dr. Dawn Comstock, the agency’s executive director.

These types of attacks have been going on for months, she said, but they’ve escalated to a higher degree. For example, last month someone threw live fireworks into a tent of nurses and staff members, the Gazette reported.

Despite the ongoing barrage of attacks and harassment, the county was still set to hold its COVID-19 vaccine events.

“JCPH will not be intimidated out of its public health mission,” Comstock said. “We’ve arranged additional security measures to keep staff safe and will be working with our law enforcement partners to assure these handful of extremists are not allowed to infringe on the rights of those who want to be vaccinated.”

Each incident has been reported to law enforcement; however, each time the perpetrator has left the scene before they arrived.

Two incidents are being investigated by the Jefferson County Sheriff’s Office and at least one by the Arvada Police Department, said Mike Taplin, a spokesperson for the Sheriff’s Office.

The health department has partnered with the Jefferson County Sheriff’s Office and other local law enforcement agencies who will evaluate whether security, a deputy – on or off-duty – or other local officers, are needed.

Comstock said she also contacted the Colorado Department of Public Health and Environment to ask for them to provide security or funding for security to be used at each mobile vaccine unit, but was told they’re working with state law enforcement to combat the issue around the state.

“They let us know this isn’t…

Source…