Vietnam Govt subject to a Supply Chain Attack

Looks like an app that was put together by the Vietnam Government Certification Authority (VGCA) that is required to be used that can be used to electronically sign official documents. ESET says that between July 23 and August 5, this year, the two files contained a backdoor trojan named PhantomNet, also known as Smanager. LINK

Active DDoS on Citrix Netscalers using DTLS on UDP:443

At this time it looks like someone is targetting Citrix Netscalers with a DDoS using DTLS. Datagram Transport Layer Security (DTLS) is a communications protocol for securing delay-sensitive apps and services that use datagram transport. Only a small number of customers are being targetted. The following sites are confirmed in the attack: 45.200.42.0/24220.167.109.0/2445.248.9.195206.71.159.13146.229.195.108117.27.239.15413.69.68.47 Citrix confirmed […]

Treck TCP/IP Stack Vulnerabilities

Well, the Treck TCP/IP stack has had 4 vulnerabilities reported. This stack is typically used in IoT/appliance devices (this may include Medical devices). This could lead to running of arbitrary commands and DDoS attacks. CISA event chimed in on this one — LINK CVE-2020-25066The most dangerous, could allow the execution of remove code – CVSS […]

Link Posting

SecurityThreatNews is going to scour the net to find links of information that actually means something. You and I know, a research paper full of complex equations for a Security Analyst or Director is pretty useless most of the time. As well as a article to information that is just plain common sense. I am […]