Cybersecurity

cross-posted from: https://lemmy.bestiver.se/post/328810

Comments

The Global CVE (GCVE) allocation system is a new, decentralized approach to vulnerability identification and numbering, designed to improve flexibility, scalability, and autonomy for participating entities.

While remaining compatible with the traditional CVE system, GCVE introduces GCVE Numbering Authorities (GNAs). GNAs are independent entities that can allocate identifiers without relying on a centralised block distribution system or rigid policy enforcement.

Funding is about to run out for the Common Vulnerabilities and Exposures (CVE) program – a system used by major companies like Microsoft, Google, Apple, Intel, and AMD to identify and track publicly disclosed cybersecurity vulnerabilities. The program helps engineers identify how bad an exploit is and how to prioritize applying patches or other mitigations.

MITRE, the federally funded organization behind the program, confirmed to The Verge that its contract to “develop, operate, and modernize” CVE will expire on April 16th.

First launched in 1999, the CVE program houses a database where participating organizations can assign IDs to known cybersecurity vulnerabilities. The IDs consist of the letters “CVE” followed by a year and a number, such as CVE-2022-27254, allowing security professionals to monitor details about the vulnerabilities that may impact the devices we use every day and systems that contain information critical to practically everything we do.

Lukasz Olejnik, a security and privacy researcher, said in a post on X that a lack of support for CVE could “cripple” cybersecurity systems around the globe. “The consequence will be a breakdown in coordination between vendors, analysts, and defense systems — no one will be certain they are referring to the same vulnerability,” Olejnik wrote. “Total chaos, and a sudden weakening of cybersecurity across the board.”

“The government continues to make considerable efforts to support MITRE’s role in the program and MITRE remains committed to CVE as a global resource,” Yosry Barsoum, MITRE’s vice president and director at the Center for Securing the Homeland, said in an emailed statement to The Verge. Barsoum also said the change will affect the Common Weakness Enumeration program, which catalogs hardware and software weaknesses.

The news was first spotted in a leaked letter to MITRE board members posted on X and Bluesky. MITRE receives funding from the US Department of Homeland Security (DHS) and the Infrastructure Security Agency (CISA) to “operate and evolve the CVE Program as an independent, objective third party,” according to a video about the program.

cross-posted from: https://midwest.social/post/26331167

This is an utter failure of oversight in governance. And likely a misappropriation of government funds.

What a colossally shortsighted decision.

• Check Point Research has been tracking an advanced phishing campaign conducted by APT29, a Russia linked threat group, which is targeting diplomatic entities across Europe.
• The campaign, which appears to be a continuation of a previous one that utilized a backdoor known as WINELOADER, impersonates a major European foreign affairs ministry to distribute fake invitations to diplomatic events—most commonly, wine tasting events.
• This campaign employs a new loader, called GRAPELOADER, which is downloaded via a link in the phishing email. In addition, we discovered a new variant of WINELOADER which is likely used in later stages of the campaign.
• While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed initial-stage tool used for fingerprinting, persistence, and payload delivery. Despite differing roles, both share similarities in code structure, obfuscation, and string decryption. GRAPELOADER refines WINELOADER’s anti-analysis techniques while introducing more advanced stealth methods.

WASHINGTON, April 15 (Reuters) - The notorious internet messageboard 4chan has been hacked, according to posts circulating online, some of which said that a the hacker involved had revealed identifying details of the site's moderators to the public. The alleged hack first came to light when a defunct section of the site sprang back to life with the words "U GOT HACKED" emblazoned across the top, according to Wired magazine.

The Reuters Daily Briefing newsletter provides all the news you need to start your day. Sign up here. Alon Gal, co-founder of Israeli cybercrime monitoring company Hudson Rock, said the claim of a hack "looks legit," citing the publicly circulating screenshots purporting to show 4chan's backend infrastructure

Mod IPs and emails leaked