One of the most dangerous cyber attacks in 2019
This year, we have two months left, and the whole world is walking with some hand
Last night, at exactly 11:00 pm, the Israeli company ClearSky published a report. It covers one of the most dangerous cyber attacks that occurred in 2019, and it names the campaign Fox Kitten. The whole world is still reacting to it, and some people have started writing about it and what is in it. Let me walk you through the report; after that, you will find the link at the end of this post.
-------------------------------------------------- ------------------------------
At the end of 2019, there was a lot of unusual news affecting the largest corporate VPN vendors in the world, such as Citrix, Palo Alto, Fortinet and Pulse Secure, but at the time the picture was not clear, unlike what came out last night.
At that time, many bugs and vulnerabilities were published in the VPN products these companies sell, ranging from arbitrary file disclosure to remote code execution, arbitrary command execution, and so on. But people were not aware that all of these bugs were related to each other, or in other words, that they were being used by the same intruders, or on behalf of the same party, as part of one campaign. I will give you its details now.
ClearSky goes on to say that the Iranian hacker group was able to exploit vulnerabilities in the big VPN vendors' products and to plant backdoors at the customers using those VPNs, and that the group focused on IT companies, oil and gas companies, and companies connected to the government sector and the security sector worldwide.
ClearSky said that the Iranian group is not a sophisticated attacker and does not compare to Russian, Chinese, and North Korean hackers. What distinguishes the Iranian group, however, is that they were able to develop their offensive techniques and to exploit all of these vulnerabilities at the same time, and in a short period of time they managed to break into very large companies all over the world that used the VPNs mentioned above.
ClearSky also said that the Iranian group was able to exploit vulnerabilities a few hours after they were announced, at which point they had turned from zero-day vulnerabilities into one-day vulnerabilities.
The most dangerous VPNs at the time, and the ones most used in the Fox Kitten campaign, were FortiOS VPN from Fortinet, Global Protect VPN from Palo Alto, and Connect from Pulse Secure, followed by ADC VPN from Citrix.
The strange thing is that the second stage of the campaign, the lateral movement, relied entirely on well-known tools that most of us use in pentests or even in CTFs and HackTheBox, such as Juicy Potato, Invoke-TheHash, Mimikatz, ProcDump and others, all explained in detail in the report.
The strange, or rather new, thing here is that ClearSky said this is not a single hacking group from Iran but more than one group, and that they worked together as one. ClearSky stated that at least 3 Iranian groups took part in the Fox Kitten campaign. The first is APT 33, best known for the strike on Aramco in Saudi Arabia. The second is APT 34, also named OilRig, which is also very well known for its cyber attacks and specializes in the Middle East only.
Their presence means that many companies from the Middle East are among the targets of the campaign. The third group is APT 39, named Chafer, which specializes in the theft of personal information.
In a parallel world two days ago, specifically on February 14, America went after China on Valentine's Day: the US Justice Department and the FBI accused the Chinese company Huawei of stealing sensitive and important information from 6 American giants, and of seeking to steal information from these companies with an attitude of "sell it to me, I pay more".
The indictment from the Justice Department and the FBI refers to 6 companies that Huawei stole data from, but there are leaks saying that the names of the six companies are:
Cisco, Motorola, Fujitsu, Quintel, T-Mobile and CNEX Labs

Now for the sources for all of the above:
Information on APT 39, espionage and theft of personal information: Source:/ Website link
The full report on the campaign named Fox Kitten, with all the tools and technical details: Source:/ Website link