Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Eugene

(62,648 posts)
Tue Oct 8, 2019, 04:13 PM Oct 2019

U.S. And U.K. Governments Issue Update Now Warning For Windows, macOS And Linux Users

Source: Forbes

Oct 8, 2019, 03:22am

U.S. And U.K. Governments Issue Update Now Warning For Windows, macOS And Linux Users

Davey WinderSenior Contributor
Cybersecurity
I report and analyse breaking cybersecurity and privacy stories

Both U.S. and U.K. government agencies have taken the unusual step of issuing a rare update now warning to Windows, macOS and Linux users concerning a critical cybersecurity threat from advanced persistent threat (APT) attackers. Here's everything you need to know.

The nature of the cybersecurity threat

It isn't the first time that the National Security Agency (NSA) has released a critical security vulnerability warning but these government agency update now advisories are few and far between. Once again, though, the NSA is making such a warning; this time regarding an ongoing attack from advanced persistent threat (APT) actors. The NSA warns that attackers could remotely take control of affected Windows, macOS and Linux systems. The United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has also issued an advisory and is recommending that users upgrade now. Furthermore, the National Cyber Security Centre (NCSC) in the U.K. isn't being left out of the attack threat alert party either. So what is the threat behind this string of critical warnings?

The NSA advisory concerns the exploit of multiple vulnerabilities in Virtual Private Network (VPN) applications. As is often the case, these official government warnings come when vulnerabilities that have been known about for some time have, despite fixes being available, ongoing exploits causing concern. Indeed, according to the NCSC alert, the vulnerabilities are well documented in open source, and the exploit activity is continuing with international targets across academic, business, government, healthcare and military sectors.

A brief history of affected VPN warnings

The vulnerabilities are to be found within several enterprise VPN products and can enable a remote attacker to retrieve files including those with authentication credentials. Armed with these credentials the slow and stealthy APT attackers can then change the configuration of the VPN or dig deeper into internal network infrastructures. Intelligence gathering, data exfiltration and system control are all on the exploit table here.

-snip-


Read more: https://www.forbes.com/sites/daveywinder/2019/10/08/us-and-uk-governments-issue-update-now-warning-for-windows-macos-and-linux-users/#762fbead49dd
1 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
U.S. And U.K. Governments Issue Update Now Warning For Windows, macOS And Linux Users (Original Post) Eugene Oct 2019 OP
I do my part by enabling automatic updates on my 'puters and checking daily to make sure abqtommy Oct 2019 #1

abqtommy

(14,118 posts)
1. I do my part by enabling automatic updates on my 'puters and checking daily to make sure
Tue Oct 8, 2019, 06:24 PM
Oct 2019

that updates are successful. Cause that's what it takes.

Latest Discussions»Issue Forums»National Security & Defense»U.S. And U.K. Governments...