

TechAmok (a ggmania.com subsite)

China-linked hackers suspected of exploiting zero-day flaw in software used by ISPs - [security]
09:59 AM EDT - Aug,28 2024

Black Lotus Labs has discovered a zero-day vulnerability in Versa Director servers, a virtualization platform widely used by ISPs and managed service providers. This vulnerability, potentially linked to Chinese state-sponsored hacker groups, poses a significant risk to these organizations.

Identified as CVE-2024-39717, this critical flaw was publicly announced on August 22, 2024, and affects all versions of Versa Director software prior to version 22.1.4. The vulnerability is particularly concerning for ISPs and MSPs, as they depend on Versa's software-defined wide area network (SD-WAN) applications to manage network configurations.

The vulnerability's discovery has caused alarm due to its potential to penetrate enterprise networks via Versa Director servers, which are responsible for essential network functions. Black Lotus Labs identified a custom web shell, named "VersaMem," that exploits this flaw to extract login credentials. A notable feature of VersaMem is its modularity, which allows it to load additional Java code directly into the server's memory, effectively evading detection.

Global monitoring data from Black Lotus Labs reveals that the vulnerability has been exploited through compromised small-office/home-office devices in attacks targeting four victims in the United States and one abroad. These attacks, primarily affecting the ISP, MSP, and IT sectors, have been ongoing since June 12, 2024. The attackers initially gain access by exploiting an exposed management port on the Versa Director, designed for connecting Director nodes for high availability, which they then use to deploy the VersaMem web shell. Black Lotus Labs suspects that Chinese state-sponsored hacker groups, known as Volt Typhoon and Bronze Silhouette, are orchestrating the exploitation of this vulnerability. Their analysis indicates that Volt Typhoon is actively targeting unpatched Versa Director systems.
