[Weekly Security News] Russian ransomware gang claims it stole ‘classified and top secret documents’ from US intelligence

by

[Weekly Security News] Data breaches which are happening even now

[February 07 2024]

1. Russian ransomware gang claims it stole ‘classified and top secret documents’ from US intelligence

A Russian hacking group has claimed it infiltrated a tech company, Technica, responsible for handling “classified and top secret” documents for US intelligence agencies. A Department of Defense spokesman, meanwhile, said the agency “is aware of the allegations of this incident and is coordinating with the appropriate law enforcement and security officials to address concerns.

Source : New York Post

 

2. 45k Jenkins servers exposed to RCE attacks using public exploits

Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2023-23897. On January 24, 2024, project released versions 2.442 and LTS 2.426.3 to fix CVE-2023-23897, an arbitrary file read problem that can lead to executing arbitrary command-line interface (CLI) commands. But the issue arises from CLI’s feature that automatically replaces an @ character followed by a file path with the contents of the file.

Source : BleepingComputer

 

3. CISA orders Ivanti devices targeted by Chinese hackers be disconnected

Two new critical vulnerabilities impacting Ivanti Connect Secure (previously Pulse Connect Secure), identified as CVE-2023-46805 and CVE-2024-21887, are actively exploited. The CVE-2023-46805 allows an attacker to bypass authentication on the web server, while the CVE-2024-21887 allows an authenticated shell command injection. By combining these vulnerabilities, an attacker can achieve an unauthenticated remote code execution.

Source : CYBERCOOP

 

Check out Penta Cloudbric’s product lines:

Cloud-based Fully Managed WAAP: Cloudbric WAF+

Agent based Zero Trust Network Access Solution: Cloudbric PAS

Agentless Zero Trust Network Access Solution: Cloudbric RAS

Blockchain: Blockchain Security Solution

Click here for inquiries regarding the partner system of Cloudbric
Make sure to follow us on our social media platforms (LinkedIn, Twitter, and Facebook)

Check out Penta Security’s product lines:

Web Application Firewall: WAPPLES

Database Encryption: D’Amo

Identity and Access Management: iSIGN+ 

Car, Energy, Factory, City Solutions: Penta IoT Security

Click here for inquiries regarding the partner system of Penta Security
Make sure to follow us on our social media platforms (LinkedIn)