Cybercriminals who use the REvil (Sodinokibi) ransomware to extort large organizations are now targeting unpatched Pulse Secure VPN servers to gain a foothold and disable antivirus.
A security researcher is urging organizations that use Pulse Secure VPN to patch now or face ‘big game’ ransomware attacks by criminals who can easily use the Shodan.io IoT search engine to identify vulnerable VPN servers.
The REvil (Sodinokibi) ransomware was used in an attack last month on NASDAQ-listed US data-center provider CyrusOne and, over the summer, against several managed service providers, 20 Texas local governments, and over 400 dentist offices.
UK security researcher Kevin Beaumont puts REvil in the ‘big game’ category because criminals have employed it to encrypt critical business systems and demand huge sums of money. The ransomware strain, discovered in April, initially used a vulnerability in Oracle WebLogic to infect systems.
The Pulse Secure VPN servers being targeted with REvil have not had the patches applied that were flagged in October warnings from the US CISA, the US National Security Agency and the UK’s National Cyber Security Centre. The warnings followed evidence that state-backed hackers were exploiting flaws in both Pulse Secure and Fortinet VPN products.
Now the flaw has been adopted by cybercriminals, probably because it’s such a potent bug.
Beaumont notes that the Pulse Secure VPN bug is “incredibly bad” because it allows remote attackers, without valid credentials, to remotely connect to the corporate network, disable multi-factor authentication, and remotely view logs and cached passwords in plain text, including Active Directory account passwords.
Two incidents he’s detected in the past week employed the same basic strategy: gain access to the network, grab domain admin controls, and then use the open-source VNC remote-access software to move around the network.
After that, all endpoint security tools were disabled and REvil (Sodinokibi) was pushed to all systems via PsExec, a Windows remote administrative utility that allows users to launch “interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems”.
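For defenders, the mass PsExec push described above leaves a trace: PsExec installs a service, named PSEXESVC by default, on every target, and Windows records that as Service Control Manager Event ID 7045. The following sketch is an added example, not from the article or from Beaumont; it flags one account installing that service on many hosts in a short window, and the record layout, host names, account names, threshold and window are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: Event ID 7045 ("a service was installed") records,
# already parsed into dicts. Hosts, accounts and times are made up.
SAMPLE_EVENTS = [
    {"time": "2020-01-06T02:14:05", "host": "FS01", "service": "PSEXESVC", "user": "CORP\\da-admin"},
    {"time": "2020-01-06T02:14:40", "host": "DC02", "service": "PSEXESVC", "user": "CORP\\da-admin"},
    {"time": "2020-01-06T02:15:10", "host": "WS117", "service": "PSEXESVC", "user": "CORP\\da-admin"},
    {"time": "2020-01-06T02:16:55", "host": "WS118", "service": "psexesvc", "user": "corp\\DA-admin"},
    # Routine, isolated helpdesk use: two hosts, hours apart.
    {"time": "2020-01-06T09:30:00", "host": "WS044", "service": "PSEXESVC", "user": "CORP\\helpdesk1"},
    {"time": "2020-01-06T13:05:00", "host": "WS045", "service": "PSEXESVC", "user": "CORP\\helpdesk1"},
    # Unrelated service install that must be ignored.
    {"time": "2020-01-06T02:15:00", "host": "FS01", "service": "ExampleBackupAgent", "user": "CORP\\svc-backup"},
]


def psexec_fanout(events, min_hosts=3, window=timedelta(minutes=10)):
    """Return {user: sorted hosts} for accounts that installed the default
    PsExec service on at least min_hosts distinct hosts within one window."""
    by_user = defaultdict(list)
    for ev in events:
        # Default service name only; PsExec's -r option renames the service,
        # so this is one signal to combine with others, not a complete check.
        if ev["service"].upper() == "PSEXESVC":
            when = datetime.fromisoformat(ev["time"])
            by_user[ev["user"].lower()].append((when, ev["host"].upper()))

    alerts = {}
    for user, hits in by_user.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans <= window.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            hosts = {host for _, host in hits[start:end + 1]}
            if len(hosts) >= min_hosts:
                alerts.setdefault(user, set()).update(hosts)
    return {user: sorted(hosts) for user, hosts in alerts.items()}


if __name__ == "__main__":
    for user, hosts in psexec_fanout(SAMPLE_EVENTS).items():
        print(f"PsExec fan-out by {user}: {', '.join(hosts)}")
```
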
According to a January 4 scan by security firm Bad Packets, there were 3,825 Pulse Secure VPN servers that hadn’t been patched for the flaw CVE-2019-11510 – one of the two Pulse Secure VPN flaws in the October alerts. Over 1,300 of those vulnerable VPN servers were based in the US.