April | 2024 | OSG: Bits, Bytes and Packets

Skip navigation

Monthly Archives: April 2024

Police bust accuses 37 of being cyber criminals that stole identities, credit card numbers and pin codes; seize LabHost site on Dark Web

April 18, 2024 – 9:56 am
Posted in Attacks, Card theft, Computers and Internet, Cyber security, Fraud, Online Fraud, Phishing, Privacy Alert, Scam, Social Engineering
Tagged Bust, Cyber Defence Alliance, Dark Web, fraudulent text messages, Labhost, Metropolitan Police, msn.com, National Crime Agency
Leave a Comment

Police bust cyber gang accused of worldwide fraud (msn.com)

Palo Alto updates patching guidance for command injection vulnerability

April 16, 2024 – 5:27 pm
Posted in Attacks, Computers and Internet, Cyber security, Exploit Warning, HAck, Patch Available, POC, Vulnerability
Tagged CVSS Score 10.0, Operation MidnightEclipse, Palo Alto, PAN-252214, PAN-OS, Unit-42
Leave a Comment

https://security.paloaltonetworks.com/CVE-2024-3400

This is a command injection vulnerability that enabled an unauthenticated attacker to execute code with root privileges. POC has been released publicly.

Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.

You can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network > GlobalProtect > Gateways or Network > GlobalProtect > Portals).

https://unit42.paloaltonetworks.com/cve-2024-3400

VPN brute force attacks: Your logs are full of them (guaranteed)

April 16, 2024 – 1:10 pm
Posted in Attacks, Community, Computers and Internet, Cyber security, HAck, VPN
Tagged BigMama Proxy, Bleepingcomputer.com, Checkpoint VPN, Cisco, Cisco Secure Firewall VPN, Cisco Talos, Draytek, FortiOS SSL-VPN, IPIDEA Proxy, Miktrotik, Nexus Proxy, Proxy Rack, RD Web Services, SonicWall VPN, Space Proxies, TOR, Ubiquiti, VPN, VPN Gate
Leave a Comment

https://www.bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services

Make sure you are using MFA for every account that has remote access and check all remote access points; not just VPNs.

Not April Fools: Duo (Cisco) MFA service breached… via phishing scheme

April 16, 2024 – 8:58 am
Posted in Attacks, Computers and Internet, Cyber security, HAck, Phishing, Social Engineering, Technology
Tagged 3rd Party, Cisco Duo, MFA
Leave a Comment

https://www.darkreading.com/cyberattacks-data-breaches/cisco-duo-multifactor-authentication-service-breached

https://app.securitymsp.cisco.com/e/es?s=4673582&e=2785&elqTrackId=EF815608FCE191E1D3FAAE7B0376C832&elq=bd1c1886a59e40c09915b029a74be94e&elqaid=112&elqat=1

Customer Advisory

CVE-2024-3400: Volexity warns of Zero-day exploitation of Palo Alto device vulnerability in GlobalProtect feature over versions of PAN-OS.

April 15, 2024 – 5:27 pm
Posted in Cyber security, HAck, Patch Available, Vulnerability
Tagged CVE-2024-3400, CVSS Score 10.0, Global Protect, OS Command injection, Palo Alto, Pan OS, Python backdoor, remote code execution (RCE), UTA0218, Volexity.com
Leave a Comment

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

Patches are available for the varied versions of PAN-OS

CISA: Weakness in Chirp Systems may pose problems for “smart lock” homes.

April 15, 2024 – 2:49 pm
Posted in Android, Attacks, CISA, Cyber security, Endpoint Security, HAck, Skimming, Smartphones, Vulnerability
Tagged API, APK, Chirp Systems, CVSS Score: 9.1, key fob, krebsonsecurity.com, low attack complexity, plain text, Realpage, Smart Lock
Leave a Comment

https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak