Weekly Threat Briefing: China, Credit Card Skimmers, Mirai Botnet, Zoom Zero-Day Vulnerability and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Citrix Vulnerabilities, Conti Ransomware, Joker Malware, Magecart, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity.

Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.


Trending Cyber News and Threat Intelligence


Backdoor Accounts Discovered in 29 FTTH Devices from Chinese Vendor C-Data


(published: July 10, 2020)


Security researchers have recently discovered what appears to be an intentional backdoor in 29 Fiber To The Home (FTTH) models sold by the popular Chinese company C-DATA. These devices terminate fiber optic networks and convert the signals to conventional Ethernet data. They are deployed globally in ISP networks and are found throughout data centers because of their critical role. The vulnerabilities and backdoor were found by analyzing two devices running the latest firmware, but the researchers are confident that the same seven vulnerabilities affect 27 other models because of firmware similarities. While the vulnerabilities themselves are quite severe, it is the backdoor that is truly troubling. The backdoor consists of four hardcoded Telnet accounts encoded in the device firmware that, if accessed, give the user full administrative control of the devices from the external network side of the devices.

Recommendation: As of the time of this writing, there has been no comment from the manufacturer and no patches are currently available. In light of this, along with the trivial nature of exploiting the backdoor and vulnerabilities, the recommendation would be, if at ..
