Ad End 1 February 2024
Ad Ends 13 January 2025
Ad End 26 February 2025
ad End 25 April 2025
Ad Ends 20 January 2025
Ad expire at 5 August 2024
banner Expire 25 April 2025
What's new
banner Expire 15 January 2025
banner Expire 20 October 2024
UniCvv
casino
swipe store
adv exp at 23 August 2024
Carding.pw carding forum
BidenCash Shop
Kfc CLub

File_closed07

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 13, 2020
Messages
7,544
Reaction score
916
Points
212
Awards
2
  • trusted user
  • Rich User
French software provider Centreon has hit back at a report from the country’s cybersecurity agency that its products were hijacked in a Russian cyber-campaign, claiming that no paying customers were affected.

The firm, which produces IT monitoring software not unlike SolarWinds, was at the center of a report from the French National Agency for the Security of Information Systems (ANSSI) this week.

It claimed that the infamous Sandworm group, responsible for destructive attacks against Ukrainian energy providers in prior years, had targeted IT and web hosting firms from 2017 to 2020.

The group is said to have dropped a version of the P.A.S. web shell and the Exaramel backdoor Trojan to obtain remote control of “several Centreon servers exposed to the internet.”

However, in an update yesterday, the IT vendor clarified that the campaign only targeted legacy open source versions of its software, at around 15 organizations.

“The campaign described by ANSSI exclusively concerns obsolete versions of Centreon’s open source software. Indeed, the ANSSI specifies that the most recent version concerned by this campaign is version 2.5.2, released in November 2014,” it said.

“This version is not only no longer supported for more than five years, but has apparently also been deployed without respect for the security of servers and networks, including connections outside the entities concerned. Since this version, Centreon has released eight major versions.”

Centreon also made it clear that it had not been responsible for unwittingly distributing malicious code itself in a supply chain-style attack similar to SolarWinds.

As well as the BlackEnergy attacks in Ukraine, Sandworm has in the past been linked to cyber-espionage campaigns against NATO members and European governments in 2019. More relevant still were the attacks it launched against Exim email servers last year.
 
Ad End 1 February 2024
Top