As the Internet faces one of the most serious vulnerabilities in recent years putting millions of devices at hacking risk, attackers are now making thousands of attempts to exploit a second vulnerability involving a Java logging system called 'Apache log4j2'.
The description of the new vulnerability, titled 'CVE-2021-45046', says the fix to address the earlier security bug (CVE-2021-44228) in 'Apache Log4j 2.15.0' was "incomplete in certain non-default configurations".
"It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers... to craft malicious input data using a JNDI Lookup pattern resulting in a denial of service (DOS) attack," the CVE description read.
Several popular services, including Apple iCloud, Amazon, Twitter, Cloudflare and Minecraft, are vulnerable to the 'ubiquitous' zero-day exploit.
Apache has now released a new security patch to address the second bug. 'Apache Log4j' is used in many forms of enterprise and open-source software, including cloud platforms, web applications and email services.
It is the most popular Java logging library with over 400,000 downloads from its GitHub project. It is used by a vast number of companies worldwide, enabling logging in a wide set of popular applications.
"Exploiting this vulnerability is simple and allows threat actors to control java-based web servers and launch remote code execution attacks," cyber security researchers at Check Point had said in a blog post.
Another cyber security company Sophos said that it is already detecting malicious cryptominer operations attempting to leverage the vulnerability, and there are credible reports from other sources that several automated botnets (such as Mirai, Tsunami, and Kinsing) have begun to exploit it as well.
At present, most of the attacks focus on cryptocurrency mining at the expense of the victims. However, under cover of this noise, more advanced attackers may act aggressively against quality targets.
Researchers at Microsoft have also warned about attacks attempting to take advantage of 'Log4j' vulnerabilities, including a range of crypto-mining malware. (IANS/SP)
Hackers have stolen crypto tokens worth $120 million from Blockchain-based decentralised finance (DeFi) platform BadgerDAO. Several crypto wallets were drained before the platform could stop the cyber attack. In a tweet, Badger said it has received reports of unauthorised withdrawals of user funds. "As Badger engineers investigate this, all smart contracts have been paused to prevent further withdrawals. Our investigation is ongoing and we will release further information as soon as possible," the company said late on Thursday.
According to the blockchain security and data analytics firm PeckShield, the various tokens stolen in the attack are worth about $120 million, reports The Verge. According to reports, someone inserted a malicious script in the user interface (UI) of their website. Badger has retained data forensics experts Chainalysis to explore the full scale of the incident, and authorities in both the US and Canada have been informed. "Badger is cooperating fully with external investigations as well as proceeding with its own," it said.
DeFi is a collective term for financial products and services that are open, decentralised and accessible to anyone. DeFi products open up financial services to anyone with an internet connection and they are largely owned and maintained by their users. While the attack didn't reveal specific flaws within Blockchain tech itself, it managed to exploit the older "web 2.0" technology that most users need to use to perform transactions, according to reports. (IANS/ MBI)
The US has warned that ransomware hacking groups are now targeting companies involved in "significant, time-sensitive financial events" and people whose private financial information they have gained access to. In its latest advisory to private firms, the Federal Bureau of Investigation (FBI) said that ransomware actors are very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections.
"Prior to an attack, ransomware actors research publicly available information, such as a victim's stock valuation, as well as material nonpublic information. If victims do not pay a ransom quickly, ransomware actors will threaten to disclose this information publicly, causing potential investor backlash," the FBI said in its report. During the initial reconnaissance phase, cyber criminals identify non-publicly available information, which they threaten to release or use as leverage during the extortion to entice victims to comply with ransom demands.
The FBI said it has identified several cases of ransomware groups using information on an ongoing merger or acquisition negotiation to put pressure on the firms to pay up. In early 2020, a ransomware actor using the moniker "Unknown" made a post on the Russian hacking forum "Exploit" that encouraged using the NASDAQ stock exchange to influence the extortion process.
Following this, unidentified ransomware actors negotiating a payment with a victim during a March 2020 ransomware event stated: "We have also noticed that you have stocks. If you will not engage us for negotiation we will leak your data to the nasdaq and we will see what's gonna (sic) happen with your stocks." Between March and July 2020, at least three publicly traded US companies actively involved in mergers and acquisitions were victims of ransomware during their respective negotiations.
In April this year, Darkside ransomware actors posted a message on their blog site to show their interest in impacting a victim's share price. The message stated: "Now our team and partners encrypt many companies that are trading on Nasdaq and other stock exchanges. If the company refuses to pay, we are ready to provide information before the publication, so that it would be possible to earn a reduction in the price of shares. Write to us in 'Contact Us' and we will provide you with detailed information."
The FBI said that paying a ransom emboldens adversaries to target additional organisations, encourages other criminal actors to engage in the distribution of ransomware, and/or may fund illicit activities. Paying the ransom also does not guarantee that a victim's files will be recovered. "However, the FBI understands that when businesses are faced with an inability to function, executives will evaluate all options to protect their shareholders, employees, and customers," it said. (IANS/ MBI)
By Tharini Ilanchezhian
Poly Network, a cryptocurrency platform, lost a whopping $610 million in this heist. Sources say that it had offered the hackers an amount of $500,000.
A little-known name in the world of crypto, Poly Network is a decentralized finance (DeFi) platform that enables peer-to-peer transactions by allowing users to use tokens across different blockchains. In a statement, the firm thanked the hacker, whom it dubbed 'White Hat', saying that he had helped them improve Poly Network's security. The hacker had earlier claimed that the heist was 'Just For Fun' and meant to expose the vulnerabilities of the crypto cyber world.
As a token of appreciation, Poly Network rewarded the hacker with $500,000 for returning the digital coins. The statement did not disclose the medium of payment of the $500,000. It said that the hacker had responded to the offer but did not reveal whether it was accepted or rejected.
The blockchain security firm SlowMist stated that the hackers were able to steal $619 million worth of Ethereum, Binance Smart Chain and USDC (USD Coin) from the cryptocurrency platform. This, the biggest hack in the history of decentralized finance (DeFi), has alarmed the world of cryptocurrency.
According to the blockchain analysis company Chainalysis, the unidentified hacker exploited vulnerabilities in the digital contracts that Poly Network uses to move assets across different blockchains.
According to a statement released on Friday, the hacker returned crypto worth $340 million to the firm, whereas the bulk of the remaining assets were under the combined control of the hacker and Poly Network. Poly Network announced the heist on Tuesday, and the very next day the hackers started returning money to the firm.
The hackers claimed that the planned attack on the digital coins was for 'Fun' and that the plan was to return them anyway. Blockchain analysts have stated that the hackers would have found it challenging to launder such a huge amount of stolen cryptocurrency.
Poly Network had also posted a note on its Twitter account warning the hackers about the legal consequences of the action, saying that law enforcement in any country would treat this heist as a major economic crime and that the hacker would have to face severe trials.