Honestly, I didn’t think about vulnerability in SyncThing when I read the article. But I wondered why defense forces would have p2p open on their networks.
Not necessarily. Torrent is a way to find a peer for a direct connection or via a relay (of course it is more than that). Syncthing, even using a relay server, requires some ports available for at least an outbound connection (22000 TCP/UDP or whatever port the relay is using). This should not be possible in a medium-security network, let alone a defense network. I don't know if Syncthing works without a direct connection (to the peer or relay, something like transport via an HTTP proxy).
Ukraine says hackers abuse SyncThing tool to steal data (www.bleepingcomputer.com)