
Nation state hackers exploited years-old bug to breach a US federal agency


The U.S. government has warned that multiple cybercriminal gangs, including a nation state-backed hacking group, exploited a four-year-old software vulnerability in order to compromise a U.S. federal government agency.

A joint alert released on Wednesday by CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (known as MS-ISAC) revealed that multiple hacking groups exploited known vulnerabilities in Telerik, a user interface tool for web servers. This software, designed for building components and themes for web applications, was running on the U.S. agency’s internet-facing web server.

CISA did not name the breached federal civilian executive branch (FCEB) agency; the FCEB includes the Department of Homeland Security, the Department of the Treasury and the Federal Trade Commission.

When reached by email, CISA spokesperson Zee Zaman declined to answer TechCrunch’s questions.

The Telerik vulnerability, tracked as CVE-2019-18935 with a vulnerability severity rating of 9.8 out of 10.0, is ranked among the most commonly exploited vulnerabilities in 2020 and 2021. The bug was first discovered in 2019 and the U.S. National Security Agency previously warned that it had been actively exploited by Chinese state-sponsored hackers to target computer networks that hold “sensitive intellectual property, economic, political, and military information.”

CISA said the bug allowed the malicious attackers to “successfully execute remote code” on the agency’s web server, exposing access to the agency’s internal network. The advisory noted that the compromised agency’s vulnerability scanner failed to detect the bug because Telerik’s software was installed in a place where the scanner does not typically scan.

CISA’s advisory said the agency observed multiple hacking groups exploiting the flaw from November 2022 through early January 2023, including the state-backed hacking group and a Vietnam-linked credit card skimming actor known as XE Group.

CISA has released indicators of compromise and has urged organizations running vulnerable Telerik software to ensure security patches are applied.

Progress Software, which acquired Telerik in 2014, did not respond to our questions.

CISA this week also added an Adobe ColdFusion bug to its list of known exploited vulnerabilities, warning that the flaw — tracked as CVE-2023-26360 with a severity score of 8.6 — could be exploited to allow attackers to achieve arbitrary code execution.


