German BfV warns of China’s data collection. Active scans for unpatched Citrix instances. C-Data backdoors. Ransomware market.

0
206

The AP says that yesterday’s annual report of Germany’s Bundesamt für Verfassungsschutz warned that consumers providing information to Chinese companies may also be providing it to the Chinese government.

Attackers are actively scanning for recently patched vulnerabilities in Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, the SANS Institute reports. Users are urged to apply the patches as soon as possible.

Security researchers Pierre Kim and Alexandre Torres report finding vulnerabilities in widely used Fiber-To-The-Home (FTTH) and Optical Line Termination (OLT) devices sold by Shenzhen-based C-Data. ZDNet observes that, of the seven vulnerabilities found, the most serious is the hardcoding of Telnet accounts in the firmware. These grant intruders full administrative access to the devices. Security Affairs points out that the backdoors appear to be intentional.

A Zoom zero-day affects older and no-longer-supported Windows systems (Windows 7 and earlier) too many of which remain in use, according to 0Patch. ZDNet says Zoom is working on a fix.

BleepingComputer reports that Ryuk ransomware is fading while its malware sibling,…

Read More…