Security News > 2020

Citrix Releases First Patches to Fix Severe Vulnerability
2020-01-20 21:33

Citrix has released the first of several fixes that address a vulnerability in its Application Delivery Controller and Gateway products discovered by security researchers in December. The first patches, which fix the vulnerability in Application Delivery Controller and Gateway versions 11.1 and 12, were available as of Sunday, earlier than the company had originally expected, says Fermin Serna, the CISO of Citrix, which is based in Fort Lauderdale, Florida.

Leaving your admin interface's TLS cert and private key in your router firmware in 2020? Just Netgear things
2020-01-20 21:23

Netgear left in its router firmware key ingredients needed to intercept and tamper with secure connections to its equipment's web-based admin interfaces. Specifically, valid, signed TLS certificates with private keys were embedded in the software, which was available to download for free by anyone, and also shipped with Netgear devices.

New Data Ransom Target: Patients
2020-01-20 21:04

Could ransomware shakedowns against healthcare entities be taking an even uglier turn? In a recent attack on a Florida-based plastic surgery practice, hackers exfiltrated patients' medical records and then demanded a ransom be paid by the clinic and some of its patients to avoid further exposure of the data. "The attackers demanded a ransom negotiation, and as of Nov. 29, 2019, about 15-20 patients have since contacted TCFFR to report individual ransom demands from the attackers threatening the public release of their photos and personal information unless unspecified ransom demands are negotiated and met."

Sizing Up Today's Deception Technology
2020-01-20 20:33

Deception technology is evolving as a powerful asset in the cybersecurity arsenal, providing significant advantages in being able to monitor an attacker's behavior, says Joseph Krull, senior analyst at Aite Group, a research and advisory firm. The evolution of deception technology and why it has been a tough sell.

Hardcoded SSH Key Found in Fortinet SIEM Appliances
2020-01-20 19:37

A hardcoded SSH public key in Fortinet's Security Information and Event Management FortiSIEM can be abused to access the FortiSIEM Supervisor. The hardcoded SSH key is for the user 'tunneluser', is the same between installs and is also stored unencrypted in the FortiSIEM image.

How Cybercriminals Are Converting Cryptocurrency to Cash
2020-01-20 19:03

Cybercriminals are using increasingly sophisticated methods to turn illicitly gained cryptocurrency into cash, which raises new concerns about enforcing anti-money laundering laws, according to a report by blockchain analysis firm Chainalysis. The emergence of these types of rogue cryptocurrency exchanges, along with technical advances, has made tracking virtual currency used in cybercrime, as well as terrorist financing, more difficult for law enforcement, the Chainalysis report finds.

Hanna Andersson Data Breach: Hackers Compromise Website of Children's Clothier
2020-01-20 18:57

Portland, Oregon-based children's clothing maker Hanna Andersson has quietly disclosed a breach to affected customers. According to the breach notification letter, the "Incident potentially involved information submitted during the final purchase process on our website, www.hannaandersson.com, including name, shipping address, billing address, payment card number, CVV code, and expiration date." These details are often known on the dark web as 'fullz'; that is, the data contains all the information necessary for a criminal to make fraudulent purchases via the internet.

Live Webinar | Building a DevSecOps Culture in EMEA: 2020 & Beyond
2020-01-20 18:33

DevOps started in 2009 and over a decade later we are still stuck in the DEVops phase. Will 2020 be the year of true DevOps, and will 2021 be the year of DevSecOps?

Citrix emits patches to stop RCE-holes fiddling with Gateway and ADC
2020-01-20 17:40

Citrix has rushed out official fixes for the well-publicised vuln in some of its server products after miscreants were seen deploying their own custom patches that left a backdoor open for later exploitation. As previously reported, vulnerabilities in Citrix Application Delivery Controller and Citrix Gateway could allow remote attackers to carry out unauthenticated code execution.

Ubisoft sues handful of gamers for DDoSing Rainbow Six: Siege
2020-01-20 16:23

Game developer Ubisoft has lodged a claim against the owners of a website that allegedly sells DDoS attacks against the servers of its best-selling game, Tom Clancy's Rainbow Six: Siege. In court documents seen by The Register, the company said the defendants "have gone out of their way to taunt and attempt to embarrass Ubisoft for the damage [their] services have caused".