Plus: CISA pulls plug on couple of systems feared compromised
The cybercrime crew has targeted US medical, manufacturing, and energy-sector organizations, according to Check Point, which said it spotted Magnet Goblin abusing security holes inSpecifically, the crooks appear to have hit vulnerable Ivanti Connect Secure VPN servers, compromising that equipment and using those footholds to deploy backdoors in victims' IT environments.
"We were able to confirm less than 10 organizations in the US, but we assume the real number is much higher," Sergey Shykevich, threat intelligence manager at Check Point Research, told"We think it is an opportunistic cybercrime group that we currently can't affiliate to a specific geographical location or a known group," Shykevich added."This group was able to utilize the Ivanti exploit extremely quickly, just one day after a POC for it was published.
This malicious software included MiniNerbian, a Linux backdoor used in those Magento 2 attacks, as well as a newer, novel Linux version of NerbianRAT, and a JavaScript credential stealer called WARPWIRE. The crew also uses legit remote monitoring and management tools such as ScreenConnect and AnyDesk once inside victims' IT environments, which makes their illicit activities a little more difficult to detect.
"Magnet Goblin distinguishes itself by its rapid adoption of newly disclosed vulnerabilities, notably targeting platforms such as Ivanti Connect Secure VPN, Magento, Qlik Sense, and possibly Apache ActiveMQ," according to the report. The criminals move quickly, according to the security shop, exploiting these so-called"one-day vulnerabilities" in edge devices and public facing services shortly after proof-of-concept exploits have been made public, but before the vendors have pushed patches to slam shut the security holes.
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Cutting kids off from the dark web – the solution can only ever be socialExpert weighs in after Brianna Ghey murder amid worrying rates of child cybercrime
Read more »
Bridgnorth-to-Broseley potholes: Three burst tyres in three daysDriver Ken Addison puts a trio of troubled tyres down to problems on the same road.
Read more »
Seagull attack bursts tourist's lip after birds swipe mini egg from mouthThree birds attacked the woman while she was visiting Scotland and burst her lip.
Read more »
Scared Motherwell mum who lives near burned body crime scene plans to flee areaPolice are investigating the death which is being treated as unexplained.
Read more »
Woman, 77, pronounced dead at scene of Cumbernauld house fireFour fire appliances were deployed to tackle an inferno at Pleamuir Place after emergency services received reports of a property blaze at around 8.56am. A 77-year-old was pronounced dead at the scene.
Read more »
The Gentlemen's Kaya Scodelario Names 1 Surprising Scene That Made Her 'Really Anxious' To FilmDaniel Welsh is a London-based entertainment journalist at HuffPost UK. His areas of expertise are film, TV and music. He particularly enjoys reality TV, Madonna and getting compliments about his hair.
Read more »