CyberSecurity updates
Updated: 2024-11-10 06:31:17 Pacific


eclypsium.com
Sophos Firewall Appliance Hacking Campaign - 4d

Sophos has identified a five-year campaign, dubbed “Pacific Rim”, by Chinese threat actors targeting network appliances, particularly Sophos firewalls. These attackers, including APT31, APT41/Winnti, and a third group, have employed a variety of tactics, including botnets, zero-days, custom malware, firmware backdoors, and UEFI implants, in attempts to compromise these devices. The UEFI implants, while not entirely new, are particularly concerning as they provide attackers with a persistent foothold on the firewall, potentially enabling them to gain control over the entire network. This campaign highlights the vulnerability of network appliances and the increasing sophistication of threat actors. Attackers are exploiting vulnerabilities, utilizing zero-day exploits, and implementing backdoors to access sensitive data and establish a foothold in targeted organizations.

cyberinsider.com
Multiple Critical Vulnerabilities Found in Intel's UEFI Firmware: Firmware Updates Needed to Mitigate Risks of Privilege Escalation, Denial-of-Service, and Data Leaks - 28d

Intel has released a security advisory addressing multiple critical vulnerabilities in the UEFI firmware of certain processors. These vulnerabilities, if exploited, could enable attackers to escalate privileges, launch denial-of-service attacks, or leak sensitive information. System manufacturers will distribute firmware updates, but users should be aware of the potential risks and stay informed about updates from their system vendors.


This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.