It's maddening to hear from people that the ransomware problem must be getting better because they don't hear about the big publicly-traded companies getting hit as much and apparently that means that the impact to people who only give a fuck about money is less now.
A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.
We are aware of a limited number of customers whose Ivanti Connect Secure (22.7R2.5 or earlier) and End-of-Support Pulse Connect Secure 9.1x appliances have been exploited at the time of disclosure. Pulse Connect Secure 9.1x reached End-of-Support on December 31, 2024, and no longer receives code support or changes.
@buherator @GossiTheDog @cisakevtracker CISA has been skeptical about this one too, from what I've heard, and has wanted to confirm that any exploitation was both successful and specifically this vulnerability.
@buherator @wdormann Didn't Microsoft stuff start doing that too? Guessing "infected" or using the context of emails or attachments to guess passwords for archives?
@hrbrmstr @greynoise Since it's already 1 April in parts of the world, I feel like I need to assure you that the links are real text lists and not ASCII anuses or anything. This time.
Following up on the scanning and password spraying that @hrbrmstr and @greynoise have posted about today, I combined a list of IPs I'm seeing going after Palo Alto GlobalProtect with the Greynoise lists:
Just another analyst chasing squirrels and pretending to know things. Anything stupid I say can and should be blamed on #AI. I mean, I don't intentionally use AI products, but if the AI snakeoilers can take credit for the things other people produce, they can also take the blame.