Confluence Servers are Being Targeted by the New Atom Silo Malware

 

A new ransomware operator is targeting Confluence servers, gaining initial access to susceptible systems by exploiting a recently reported vulnerability. According to Sean Gallagher and Vikas Singh of Sophos, the new threat actors, called Atom Silo, are exploiting the flaw in the hopes that Confluence server owners have yet to apply the essential security patches to fix the vulnerability. 

Atlassian Confluence is a web-based virtual workspace for businesses that allows teams to collaborate on projects and communicate. Atom Silo recently launched a two-day cyberattack, according to Sophos. The attackers were able to gain initial access to the victim's corporate environment through a vulnerability identified as CVE-2021-26084.

Atlassian released security fixes on August 25 to address a Confluence remote code execution (RCE) vulnerability that had been exploited in the wild and was tracked as CVE-2021-26084. The Sophos researchers also found that the ransomware used by this new gang is closely comparable to LockFile, which in turn is quite similar to the LockBit malware.

The Atom Silo operators used several innovative approaches that made the attack exceedingly difficult to examine, including the side-loading of malicious dynamic-link libraries targeted to disrupt endpoint protection software. Following the compromise of Confluence servers and the installation of a backdoor, the threat actors use DLL side-loading to execute a second-stage, stealthier backdoor on the compromised machine.

"The incident investigated by Sophos shows how quickly the ransomware landscape can evolve. This ultra-stealthy adversary was unknown until a few weeks ago," said Sean Gallagher, a senior threat researcher at Sophos. "In addition, Atom Silo made significant efforts to evade detection prior to launching the ransomware, which included well-worn techniques used in new ways. Other than the backdoors themselves, the attackers used only native Windows tools and resources to move within the network until they deployed the ransomware." 

According to Sophos, ransomware operators and other malware authors are becoming increasingly competent at exploiting these flaws, latching onto publicly available proof-of-concept exploits for freshly discovered vulnerabilities and weaponizing them quickly to benefit from them.

"To reduce the threat, organizations need to both ensure that they have robust ransomware and malware protection in place, and are vigilant about emerging vulnerabilities on Internet-facing software products they operate on their networks," they added.

Vulnerabilities in High-Performance Computer Chips; Leading To Failures in Modern Electronics



Researchers from Washington State University found vulnerabilities in high-performance computer chips. They found that the on-chip communication system can be used to fundamentally shorten the lifetime of the entire chip by purposely adding a malicious workload.

Apple and Samsung have also been blamed for misusing vulnerabilities in their own hardware and sending software updates that purposefully slow down earlier phone models to urge customers to buy new products.

Although past researchers have studied computer chip components such as processors, memory and circuits for security vulnerabilities, the WSU research team has discovered significant vulnerabilities in the modern communications backbone of high-performance computer chips.

The communication system is extremely important to high-performance computers, which are built to use a large number of processors, particularly for parallel processing and cloud computing.

To test the communication system, the researchers devised three "cunningly built malicious" attacks. They found that a predetermined number of pivotal vertical links in the communication system were especially 'vulnerable to fail'.

Pande, a researcher of Indian origin who found the vulnerabilities together with the other researchers, says:
“We determined how an agent can target the communication system to start malfunctions in the chip. The role of the communications and the threat had not been clear to the research community before.”

The researchers have now begun working on automated techniques and algorithms to mitigate the issue and to identify and thwart the attacks.