TechAmok (a ggmania.com subsite)

China-linked hackers suspected of exploiting zero-day flaw in software used by ISPs - [security]
09:59 AM EDT - Aug,28 2024

Black Lotus Labs has discovered a zero-day vulnerability in Versa Director servers, a virtualization platform widely used by ISPs and managed service providers. This vulnerability, potentially linked to Chinese state-sponsored hacker groups, poses a significant risk to these organizations.

Identified as CVE-2024-39717, this critical flaw was publicly announced on August 22, 2024, and affects all versions of Versa Director software prior to version 22.1.4. The vulnerability is particularly concerning for ISPs and MSPs, as they depend on Versa's software-defined wide area network (SD-WAN) applications to manage network configurations.

The vulnerability's discovery has caused alarm due to its potential to penetrate enterprise networks via Versa Director servers, which are responsible for essential network functions. Black Lotus Labs identified a custom web shell, named "VersaMem," that exploits this flaw to extract login credentials. A notable feature of VersaMem is its modularity, which allows it to load additional Java code directly into the server's memory, effectively evading detection.

Global monitoring data from Black Lotus Labs reveals that the vulnerability has been exploited through compromised small-office/home-office devices in attacks targeting four victims in the United States and one abroad. These attacks, primarily affecting the ISP, MSP, and IT sectors, have been ongoing since June 12, 2024. The attackers initially gain access by exploiting an exposed management port on the Versa Director, designed for connecting Director nodes for high availability, which they then use to deploy the VersaMem web shell. Black Lotus Labs suspects that Chinese state-sponsored hacker groups, known as Volt Typhoon and Bronze Silhouette, are orchestrating the exploitation of this vulnerability. Their analysis indicates that Volt Typhoon is actively targeting unpatched Versa Director systems.
