technology-news.space - All about the world of technology!

  • Artificial Intelligence
  • Data Management & Statistics
  • Information Technology
  • Internet of Things
  • Networking
  • Robotics
  • Network
    • *** .SPACE NETWORK ***
      • art-news
      • eco-news
      • economic-news
      • family-news
      • job-news
      • motor-news
      • myhome-news
      • politic-news
      • realestate-news
      • scientific-news
      • show-news
      • technology-news
      • traveller-news
      • wellness-news
    • *** .CLOUD NETWORK ***
      • sportlife
      • calciolife
    • *** VENTIDI NETWORK ***
      • ventidinews
      • ventidisocieta
      • ventidispettacolo
      • ventidisport
      • ventidicronaca
      • ventidieconomia
      • ventidipolitica
    • *** MIX NETWORK ***
      • womenworld
      • sportlife
      • foodingnews
      • sportingnews
      • notiziealvino
Search
Login

technology-news.space - All about the world of technology!

Menu
Search

HOTTEST

  • Image via Ben Maguire
    Cyber-security firm Symantec said it identified another malware strain that was used during the SolarWinds supply chain attack, bringing the total number to four, after the likes of Sunspot, Sunburst (Solorigate), and Teardrop.

    SolarWinds Updates

    Named Raindrop, Symantec said the malware was used only during the very last stages of an intrusion, deployed only on the networks of very few selected targets.
    Symantec said it encountered only four Raindrop samples in the cases it investigated until today.
    Also: Best VPNs • Best security keys • Best antivirus 
    Timeline of the SolarWinds supply chain attack
    But to understand Raindrop’s role and position in these attacks, we must first go over the timeline of the entire SolarWinds incident.
    Based on reports and information published by Microsoft, FireEye, CrowdStrike, and others, the SolarWinds intrusion is believed to have taken place in mid-2019 when hackers, believed to be linked to the Russian government, breached the internal network of SolarWinds, a Texas-based software maker.
    The intruders first deployed the Sunspot malware, which they used exclusively inside SolarWinds’ own network. CrowdStrike said the attackers used the malware to modify the build process of the SolarWinds Orion app and insert the Sunburst (Solorigate) malware inside new versions of Orion, an IT inventory management system.

    These trojanized Orion versions went undetected and were active on the official SolarWinds update servers between March and June 2020. Companies who applied Orion updates also unwittingly installed the Sunburst malware on their systems.
    But the Sunburst malware wasn’t particularly complex and didn’t do much except gather info about the infected network and send the data to a remote server.
    Even if around 18,000 SolarWinds customers got themselves infected with the Sunburst malware, the Russian hacking group carefully selected its targets and opted to escalate attacks only in a handful of cases, for the likes of high-profile targets such as US government agencies, Microsoft, or security firm FireEye.
    When hackers decided to “escalate their access,” they used Sunburst to download and install the Teardrop malware [see past reports from Symantec and Check Point].
    Raindrop — Teardrop’s sibling
    But Symantec says that in some cases, the hackers chose to deploy the Raindrop malware strain instead of the more widely used Teardrop.
    Despite being different strains, Symantec said the two backdoors had similar functionality, which the company described as being “a loader for [the] Cobalt Strike Beacon,” which the intruders later used to escalate and broaden their access inside a hacked IT network.
    But while both Raindrop and Teardrop were used for the same purpose, Symantec said that some differences also exist between the two, most being under the hood, at the code level, best described in the table below:

    Image: Symantec
    The other major difference is how the two malware strains were deployed. 
    Symantec said that the more widely used Teardrop was installed directly by the Sunburst malware, while Raindrop mysteriously appeared on systems where Sunburst was also found, with no direct evidence that Sunburst triggered its installation.
    The US security firm said it’s currently investigating how Raindrop was installed.
    The most obvious avenue is found in previous reports on the SolarWinds hacks that mentioned that hackers also used the Sunburst malware to run various fileless PowerShell payloads, many of which would leave minimal forensic evidence on infected hosts. While unconfirmed, it may be possible that Raindrop is the result of these operations.
    But the lesson here is that security teams investigating SolarWinds incidents inside their networks now also need to scan for the presence of another malware strain — Raindrop.
    The Symantec report released today includes indicators of compromise (IOCs) that the security firm has seen in the cases it investigated. More

  • Fortinet has patched a vulnerability that attackers could have leveraged to take complete control of a device with the highest possible privileges, according to a report from cybersecurity company Rapid7.

    Rapid7 researcher William Vu was credited with discovering the issue, which centers around an OS command injection vulnerability in FortiWeb’s management interface, particularly in version 6.3.11 and prior. The vulnerability allows a remote, authenticated attacker “to execute arbitrary commands on the system, via the SAML server configuration page.””This is an instance of CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’), and has a CVSSv3 base score of 8.7,” the report said.Vu added that the vulnerability appeared to be tied to CVE-2021-22123 and was patched by Fortinet in June. Fortinet FortiWeb is a web application firewall that is built to identify both known and unknown exploits targeting protected web applications before they have a chance to execute, according to Rapid7. Vu discovered the vulnerability in June and Fortinet quickly acknowledged the disclosure and patched the issue. 

    Rapid7 released a detailed report about how the attack works, noting that a hacker who has already been authenticated to the management interface of the FortiWeb device could then “smuggle commands using backticks in the ‘Name’ field of the SAML Server configuration page.””An attacker can leverage this vulnerability to take complete control of the affected device, with the highest possible privileges. They might install a persistent shell, crypto mining software, or use the compromised platform to reach into the affected network beyond the DMZ,” the report said.  “Note that while authentication is a prerequisite for this exploit, this vulnerability could be combined with another authentication bypass issue, such as CVE-2020-29015.”If users are not able to patch their devices, Rapid7 suggests disabling the FortiWeb device’s management interface from untrusted networks, which they said “includes the internet.””Generally speaking, management interfaces for devices like FortiWeb should not be exposed directly to the internet anyway — instead, they should be reachable only via trusted, internal networks, or over a secure VPN connection,” the Rapid7 report explained. Fortinet has invested heavily in security features over the last year but that has done little to stop widespread concern about multiple vulnerabilities found in their products over the last six months. The FBI and CISA have released multiple alerts warning Fortinet users about insecure products being exploited by hackers. The FBI issued a flash alert in May after a local government office was attacked through Fortinet vulnerabilities. That alert came just weeks after another report was released by US agencies warning that advanced persistent threat groups are exploiting Fortinet FortiOS vulnerabilities to compromise systems belonging to government and commercial entities. More

  • Sabrina Ortiz/ZDNETFollow ZDNET: Add us as a preferred source More

  • Yuichiro Chino/Getty Images The US Securities and Exchange Commission (SEC) has slapped the Intercontinental Exchange (ICE) with a $10 million fine for failing to promptly notify its subsidiaries, including the New York Stock Exchange, about a cybersecurity breach. The US-based operator of financial exchanges and clearinghouses has agreed to pay the fine, the SEC said […] More

  • For more than a decade now, security experts have had discussions about what’s the best way of choosing passwords for online accounts. There’s one camp that argues for password complexity by adding numbers, uppercase letters, and special characters, and then there’s the other camp, arguing for password length by making passwords longer. This week, in […] More

Internet of Things

  • Samsung Spotlights Next-generation IoT Innovations for Retailers at National Retail Federation’s BIG Show 2017

    Read More

  • That’s Fantasy! The World’s First Stone Shines And Leads You to The Right Way

    Read More

  • LG Pushes Smart Home Appliances To Another Dimension With ‘Deep Learning’ Technology

    Read More

  • The Port of Hamburg Embarks on IoT: Air Quality Measurement with Sensors

    Read More

Artificial Intelligence

  • in Artificial Intelligence

    Contact-aware robot design

    19 July 2021, 04:00

  • in Artificial Intelligence

    MIT Schwarzman College of Computing awards named professorships to two faculty members

    16 July 2021, 15:45

  • in Artificial Intelligence

    Getting dressed with help from robots

    14 July 2021, 19:15

  • in Artificial Intelligence

    Software to accelerate R&D

    13 July 2021, 04:00

  • in Artificial Intelligence

    Sertac Karaman named director of the Laboratory for Information and Decision Systems

    12 July 2021, 16:00

  • in Artificial Intelligence

    The tenured engineers of 2021

    9 July 2021, 20:00

  • in Artificial Intelligence

    US Air Force pilots get an artificial intelligence assist with scheduling aircrews

    8 July 2021, 18:45

  • in Artificial Intelligence

    Infrared cameras and artificial intelligence provide insight into boiling

    7 July 2021, 20:15

  • in Artificial Intelligence

    Designing exploratory robots that collect data for marine scientists

    7 July 2021, 04:00

Robotics

  • in Robotics

    Roku vs. Fire Stick: I compared the best streaming devices in 2025, and this one wins

    27 November 2025, 01:35

  • in Robotics

    I won’t travel for work without this PC accessory – here’s why it’s worth the bag space

    27 November 2025, 01:24

  • in Robotics

    Roku or Fire TV stick? This $19 deal on Amazon made the decision easy for me

    27 November 2025, 01:23

  • in Robotics

    Verizon is giving away free iPhones, iPads, and Apple Watches – here’s how you can get them

    27 November 2025, 01:18

  • in Robotics

    Verizon customers may qualify for a free Samsung 4K TV for Black Friday – here’s how

    27 November 2025, 01:10

  • in Robotics

    Marshall’s boldest soundbar yet is the company’s first to tempt me away from Sonos

    27 November 2025, 01:00

  • in Robotics

    This sleeper hit Windows laptop was already a steal, but now it’s $500 off

    27 November 2025, 00:55

  • in Robotics

    Shop the best Costco deals for Black Friday 2025 right now

    27 November 2025, 00:52

  • in Robotics

    The 20+ best Black Friday headphones deals, hand-picked by an audio reviewer

    27 November 2025, 00:46

Networking

  • I found the best Apple Watch deals for Black Friday 2025

  • Black Friday TV deals are live now with massive sales: I’m tracking the top 40 sales live

  • Marshall’s boldest soundbar yet has me rethinking my entire Sonos setup

  • Make soft-serve ice cream at home with the Ninja Creami Swirl – down to the lowest price yet for Black Friday

  • Best early Black Friday phone deals 2025: I found 15 offers on iPhones, Pixel, Samsung, more

  • I used this free tool to see what data the internet has on me – and the results were disturbing

  • Own AirPods? I changed 3 settings on my iPhone to significantly improve the audio experience

Data Management & Statistics

  • Method prevents an AI model from being overconfident about wrong answers

  • Groundbreaking poverty alleviation project expands with new Arnold Ventures, J-PAL North America collaboration

  • Roadmap details how to improve exoplanet exploration using the JWST

  • Study: When allocating scarce resources with AI, randomization can improve fairness

  • AI model identifies certain breast tumor stages likely to progress to invasive cancer

  • How to assess a general-purpose AI model’s reliability before it’s deployed

  • Machine learning and the microscope

ABOUT

The QUATIO - web agency di Torino - is currently composed of 28 thematic-vertical online portals, which average about 2.300.000 pages per month per portal, each with an average visit time of 3:12 minutes and with about 2100 total news per day available for our readers of politics, economy, sports, gossip, entertainment, real estate, wellness, technology, ecology, society and much more themes ...

technology-news.space is one of the portals of the network of:

Quatio di CAPASSO ROMANO - Web Agency di Torino
SEDE LEGALE: CORSO PESCHIERA, 211 - 10141 - ( TORINO )
P.IVA IT07957871218 - REA TO-1268614

ALL RIGHTS RESERVED © 2015 - 2025 | Developed by: Quatio

ITALIAN LANGUAGE

calciolife.cloud | notiziealvino.it | sportingnews.it | sportlife.cloud | ventidicronaca.it | ventidieconomia.it | ventidinews.it | ventidipolitica.it | ventidisocieta.it | ventidispettacolo.it | ventidisport.it

ENGLISH LANGUAGE

art-news.space | eco-news.space | economic-news.space | family-news.space | job-news.space | motor-news.space | myhome-news.space | politic-news.space | realestate-news.space | scientific-news.space | show-news.space | sportlife.news | technology-news.space | traveller-news.space | wellness-news.space | womenworld.eu | foodingnews.it

This portal is not a newspaper as it is updated without periodicity. It cannot be considered an editorial product pursuant to law n. 62 of 7.03.2001. The author of the portal is not responsible for the content of comments to posts, the content of the linked sites. Some texts or images included in this portal are taken from the internet and, therefore, considered to be in the public domain; if their publication is violated, the copyright will be promptly communicated via e-mail. They will be immediately removed.

  • Home
  • Network
  • Terms and Conditions
  • Privacy Policy
  • Cookies
  • Contact
Back to Top
Close
  • Artificial Intelligence
  • Data Management & Statistics
  • Information Technology
  • Internet of Things
  • Networking
  • Robotics
  • Network
    • *** .SPACE NETWORK ***
      • art-news
      • eco-news
      • economic-news
      • family-news
      • job-news
      • motor-news
      • myhome-news
      • politic-news
      • realestate-news
      • scientific-news
      • show-news
      • technology-news
      • traveller-news
      • wellness-news
    • *** .CLOUD NETWORK ***
      • sportlife
      • calciolife
    • *** VENTIDI NETWORK ***
      • ventidinews
      • ventidisocieta
      • ventidispettacolo
      • ventidisport
      • ventidicronaca
      • ventidieconomia
      • ventidipolitica
    • *** MIX NETWORK ***
      • womenworld
      • sportlife
      • foodingnews
      • sportingnews
      • notiziealvino