“Cisco buried the lede.” >10,000 network devices backdoored through unpatched 0-day

An unknown threat actor is exploiting the vulnerability to create admin accounts.

Cables run into a Cisco data switch. (credit: Getty Images)

On Monday, Cisco reported that a critical zero-day vulnerability in devices running IOS XE software was being exploited by an unknown threat actor who was using it to backdoor vulnerable networks. Company researchers described the infections as a "cluster of activity."

On Tuesday, researchers from security firm VulnCheck said that at last count, that cluster comprised more than 10,000 switches, routers, and other Cisco devices. All of them, VulnCheck said, have been infected by an implant that allows the threat actor to remotely execute commands that run at the deepest regions of hacked devices, specifically the system or IOS levels.

"Cisco buried the lede by not mentioning thousands of Internet-facing IOS XE systems have been implanted," VulnCheck CTO Jacob Baines wrote. "VulnCheck scanned internet-facing Cisco IOS XE web interfaces and found thousands of implanted hosts. This is a bad situation, as privileged access on the IOS XE likely allows attackers to monitor network traffic, pivot into protected networks, and perform any number of man-in-the-middle attacks."


Canada’s 84-year radio time check has stopped because of accuracy concerns

A sound so iconic, it was embedded into The Empire Strikes Back.

A woman walks past a logo for the Canadian Broadcasting Corp. (CBC) in Edmonton, Alberta, Canada in 2022. (credit: Getty Images)

"The beginning of the long dash, followed by 10 seconds of silence, indicates exactly 1 o'clock Eastern daylight time."

Millions of Canadians grew accustomed to hearing a version of this daily affirmation on CBC Radio One. The National Research Council Time Signal, and the series of 800 Hz "pips" that preceded and followed the time-setting dash, worked its way into everyday rituals. Human listeners, and automated radio receivers at railways, shipping firms, and other entities, could set their mechanical clocks to it. That is why it started broadcasting on November 5, 1939, one year into Canada's entry into World War II.

The long dash's last broadcast was, somewhat unexpectedly, October 9, 2023.


Elon Musk’s X fined $380K over “serious” child safety concerns, watchdog says

Google got a warning, but X could face millions in fines for compliance failure.


Today, X (formerly known as Twitter) became the first platform fined under Australia's Online Safety Act. The fine comes after X failed to respond to more than a dozen key questions from Australia's eSafety Commissioner Julie Inman Grant, who was seeking clarity on how effectively X detects and mitigates harms of child exploitation and grooming on the platform.

In a press release, Inman Grant said that X was given 28 days to either appeal the decision or pay the approximately $380,000 fine. While the fine seems small, the reputational ding could further hurt X's chances of persuading advertisers to increase spending on the platform, Reuters suggested. And any failure to comply or respond could trigger even more fines—with X potentially on the hook for as much as $493,402 daily for alleged non-compliance dating back to March 2023, The Guardian reported. That could quickly add up to tens of millions if X misses the Australian regulator's deadline.

“If they choose not to pay, it’s open to eSafety to take other action or to seek a civil penalty through the courts,” Inman Grant told the Sydney Morning Herald. “We’re talking about some of the most heinous crimes playing out on these platforms, committed against innocent children.”


Police Raid Pirate IPTV Provider Offering Sky TV, Seized Material “Identifies Users”

A man suspected of operating a pirate IPTV service in Italy faces the dubious honor of becoming a prosecution and sentencing guinea pig under the country’s new anti-piracy law. Police shut down the provider following an investigation into piracy of Sky TV channels. Referencing material seized during the raid, police say “it will be possible to identify the names of end users.”

From: TF, for the latest news on copyright battles, piracy and more.

The Italian government, lawmakers, telecoms regulator AGCOM, broadcasters, and football leagues invested considerable resources to get a new law over the finishing line in July.

While one aspect of the law focuses on blocking access to pirate services, another ramps up punishments for those caught supplying illegal streams and customers who buy subscriptions to watch them.

Financial Police Raid Pirate IPTV Provider

In what may be the first major action following the introduction of the new law, Italy’s Guardia di Finanza (GdF) says it has shut down an IPTV provider in the southern Italian town of Canosa di Puglia.

“The financiers of the Barletta Group, as part of an initiative dedicated to combating television piracy, following extensive investigative activity, discovered an illegal transmission center for the channels of the SKY platform,” GdF (Financial Police) reports.

After being named in connection with similar operations in 2022, investigators of the Fiamme Gialle are also credited here for the discovery of a server room in Canosa.


Equipment Seized

According to GdF, the Barletta Provincial Command investigators’ work led to a raid and the discovery of five high-powered computers, 33 decoders used to acquire the original broadcasts, plus 12 video encoders used at the rebroadcasting stage.


Aside from computers, a maze of cables, and nine power adaptors perilously plugged into a single mains power extension, one of the images provided by GdF reveals a monitor displaying a purple interface. Once zoomed in, the image offers more detail on how the service operated.


The text and interface in the image suggest that the sources of at least some original streams were satellite broadcasts decoded on-site using relatively cheap receivers configured for card-sharing (CCCAM).

The image below is not associated with the raid but shows the interface of a similar decoder when connected to a card-sharing server; the one in the police image has been disconnected.


In the police image the name of the card-sharing provider is in view but too blurry for positive identification at the resolution available.

The decoders, on the other hand, appear to be GT Media V8 devices, most of which have the protective film still in place. They’re inexpensive and widely available.


Equipment Was Fully Operational

Whether the suspect was taken by surprise or busy elsewhere isn’t made clear, but GdF says the equipment was fully operational when officers arrived.

“The equipment identified, functioning and operational at the time of the Financiers’ access, was used to illicitly transmit the pay TV contents to thousands of users, who are currently being identified,” GdF says.

The operator has been reported for copyright violations and if found guilty will face enhanced penalties under the new law. Police are suggesting that the provider’s customers may also face action; thanks to “seized materials it will be possible to identify the names of the end users and evaluate any proceedings against them,” GdF notes.

Italy has a lot of experience prosecuting suppliers but much less on the consumer side. For members of the casually-pirating public reliant on the media for information and guidance, legal detail and nuance tend to be lacking. As a result, the next few months could present a very steep learning curve for the less tech-savvy.

For those who signed up to the service with their real name, accurate contact details, and/or easily traceable payment methods, regret is likely to follow if the authorities take action.


Comcast should stop advertising slower speeds as “10G,” industry group says

Comcast renamed its whole network “Xfinity 10G” despite cable’s slower speeds.

A Comcast Xfinity logo displayed on a smartphone. A stock exchange graph is shown in the background behind the phone. (credit: Getty Images | SOPA Images)

An advertising industry group urged Comcast to stop its "10G" ads or modify them to state that 10G is an "aspirational" technology rather than something the company actually provides on its cable network today. The National Advertising Division (NAD), part of the advertising industry's self-regulatory system run by BBB National Programs, ruled against Comcast after a challenge lodged by T-Mobile.

In its decision announced Thursday, the NAD recommended that Comcast "discontinue its '10G' claims" or "modify its advertising to (a) make clear that it is implementing improvements that will enable it to achieve '10G' and that it is aspirational or (b) use '10G' in a manner that is not false or misleading, consistent with this decision."

Comcast plans to appeal the decision, so it won't make any changes to marketing immediately. If Comcast loses the appeal and agrees to change its practices, it would affect more than just a few ads because Comcast now calls its entire broadband network "10G."


A cheaper EV? The Nissan Leaf is now eligible for a $3,750 tax credit

Nissan has been able to satisfy the IRS’s domestic battery component requirement.

The Leaf was given a midlife facelift last year. (credit: Nissan)

While it is true that the recent wave of new electric vehicles has been anything but cheap, there are still a few relatively affordable EVs out there for people who don't mind smaller cars—including the Nissan Leaf. An early pioneer in the electrification game, the venerable Leaf has been rather forgotten. Well, forget no more because there's now Nissan Leaf news: The car once again qualifies for a federal tax credit.

We saw a big revamp of the federal EV incentive this year thanks to the Inflation Reduction Act. Before, the tax credit was tied to the storage capacity of the car's battery. Now, it's determined by how much of the pack was domestically sourced or assembled.

For this year, if at least half the pack's critical minerals were refined in the United States (or a country with a free trade agreement with the US), then the EV is eligible for a $3,750 tax credit, provided that final assembly also occurs in North America. Another $3,750 is available if half or more of the pack's components were assembled in the US.


Pixel 8 and Pixel 8 Pro hardware supports USB-C video output (but root is required for now)


The last Google-branded smartphone to support video output over a USB cable was the Nexus 5, which was released in 2013. But a decade later Google has released a new set of phones that do have the hardware to support video output. Unfortunately that doesn’t mean you can just plug a monitor into the USB-C […]

The post Pixel 8 and Pixel 8 Pro hardware supports USB-C video output (but root is required for now) appeared first on Liliputing.

Analogue’s next project is an accurate, hardware-emulated Nintendo 64 replica

New console will be FPGA-based but won’t support other openFPGA cores.

The Analogue 3D is the company's next FPGA-based retro console, but the company isn't showing the whole thing off yet. (credit: Analogue)

Retro game enthusiasts will know Analogue for its consoles’ dedication to accuracy. From the original Analogue Nt, which used chips harvested from broken NES consoles, to the Analogue Pocket, which uses an FPGA chip to accurately emulate handheld hardware, the company has always focused on modern hardware that can play actual game cartridges while preserving the idiosyncrasies of the original game consoles.

Today, Analogue is announcing the Analogue 3D, a console that will use an FPGA to run games made for 1996’s Nintendo 64. Because FPGAs emulate consoles at a hardware level, they're much better at replicating all of the specific quirks of the original hardware, making games look and run like they would have on the original consoles without any performance problems or rendering inaccuracies. Like Analogue's other home console replicas, the Analogue 3D is designed to play original cartridges and not ROM files, and the cartridge slot is region-free, so it'll work with games from all over the world.

Analogue didn't reveal a price or a specific launch date for the Analogue 3D, just that the console will show up sometime in 2024. It also didn't show off the design of the console itself or the controller, though it did tease both—if you look closely, you'll see an 8BitDo logo on the controller, the same company that made Analogue's replica controllers for its Super Nintendo, Sega Genesis, and TurboGrafx retro consoles.


Higher Regional Court of Düsseldorf: Judges side with controversial landline provider 1N Telecom

For many people, Deutsche Telekom and 1N Telecom are apparently indistinguishable: they respond to advertising letters and have to pay a 400 euro penalty to 1N Telecom. (Consumer protection, DSL)
