Nov. 16, 2023, 12:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics

Recently SektorCERT (previously EnergiCERT) published a report on what they state is the largest known cyber attack against Danish critical infrastructure. Digging through the report it appears that an unauthenticated remotely exploitable vulnerability in Zyxel firewalls (CVE-2023-28771) was leveraged to gain the initial foothold. 

This particular vulnerability was externally reported to Zyxel in April 2023 by an independent third party. The vulnerable service was software implementing IPSec and exploited over UDP port 500 using a “specially crafted” IKEv2 packet. Rapid7 …

attack complexity critical critical infrastructure cve cve-2023-28771 cyber firewall firewalls infrastructure it infrastructure report reveal sektorcert state supply supply chain unauthenticated vulnerabilities vulnerability zyxel zyxel firewalls

Paid internship - Cybersecurity [BGSW]

@ Bosch Group | Warszawa, Poland

Cybersecurity Officer

@ People In Need | Prague 2, Prague, Czechia

University -Cybersecurity Consultant

@ Booz Allen Hamilton | USA, CA, San Diego (1615 Murray Canyon Rd)

Senior Security Engineer, Detection Engineering

@ Lyft | Seattle, WA

Architecte de la sécurité des applications / Application Security Architect

@ Genetec | Montreal, Quebec, Canada

Telecommunications Sector| SIEM Engineer

@ Devoteam | Lisbon, Portugal