Positive Technologies

We highly recommend attending!

Experts from the PT SWARM team at Positive Technologies have identified a critical vulnerability, CVE-2024-48352 (BDU:2024-07167), in the Yealink Meeting Server: https://lnkd.in/gae6cDkV With a CVSS 3.1 score of 7.5, this #vulnerability could expose conference participants' credentials and sensitive information, potentially allowing attackers to infiltrate corporate networks. The vendor was notified in accordance with the responsible disclosure policy and has since released a software patch to address the issue. “Before remediation, vulnerability CVE-2024-48352 gave any attacker access to the credentials of all users in the system without authorization. In other words, attackers could log in to the Yealink Meeting Server video conferencing system on behalf of any user and intercept information in an organization,” explained Egor Dimitrenko, Senior Specialist in the Security Analysis Department's Penetration Testing Team at Positive Technologies. Yealink, a global leader in IP telephony and a top-five producer of online conferencing solutions, serves users in over 140 countries. According to open-source data, as of October 2024, 461 Yealink Meeting Server systems remained vulnerable worldwide. The highest concentrations were in China (64%), Russia (13%), and Poland (5%). We strongly urge all users to update to the latest version of Yealink Meeting Server without delay.

The international cyberbattle Standoff 14 has begun! ??? https://lnkd.in/dd7a-5Hn From November 26 to 29, hundreds of white-hat hackers from around the world will compete for glory and a $50,000 prize pool. Participants: ?? 48 attacking teams from Bangladesh, Vietnam, Egypt, India, Indonesia, Kazakhstan, Kenya, China, Malaysia, Nigeria, Pakistan, Poland, Portugal, Thailand, Uzbekistan, Philippines, France, Ethiopia, and South Africa. ??? 14 defending teams from Ethiopia, Indonesia, Malaysia, Vietnam, Bangladesh, and Russia. Over four intense days, they will test security and investigate attacks across four industry segments: ? Energy sector? ?? Oil and gas ?? Banks ?? IT ?? Each evening, the Standoff Insider Analytics Studio will summarize the day’s interim results and key highlights. Want more details? Check out the to follow the battle’s real-time progress: https://lnkd.in/daXEXzXn Let the battle begin! #Standoff14 #cyberbattle?

What’s on the agenda for the upcoming Positive Hack Talks in Hanoi, Vietnam, on November 29? Nine exclusive sessions on hacking, including: ?? Hacking the Hackers ? NTLM Relay: Attack & Defend ?? Malware and Hunting for Persistence …and much more! Check out the cards below for more details! Register now: https://lnkd.in/dw-sjTws #phtalks

Positive Technologies researchers discovered vulnerabilities in GigaDevice GD32 microcontrollers that could potentially allow bypassing readout protection. These vulnerabilities might enable attackers to extract firmware, which could then be exploited or used to create counterfeit devices. These chips are everywhere—charging stations, car engines, batteries, and more. "Many modern devices are built from standard components that are typically much cheaper than the final product," shares Alexey Usanov, Head of Hardware Security at Positive Technologies. "Their primary value lies in the firmware, which enables individual components to function together seamlessly. To protect this critical intellectual property stored in the flash memory of microcontroller units, readout protection technologies are used. Protection in GigaDevice chips isn't as robust as it could be, especially since the firmware is available for download publicly, making it easier for attackers to find vulnerabilities in equipment. These microcontrollers have been used widely in products around the world over the past year and a half to replace the popular 32-bit microchips from STMicroelectronics." Testing showed that firmware on 11 chip families could be extracted unencrypted. The vendor has been informed. ?? Pro tip: Manufacturers, double-check your microcontroller security. Users, ask your vendors about their chips or inspect devices to stay safe!

Get ready to dive deep into the world of cybersecurity at Positive Hack Talks in Hanoi! This in-person meetup is your chance to connect with fellow security pros, learn from the best, and have some fun: https://lnkd.in/dw-sjTws Don't miss the chance to hear from Hieu Ngo, a cybersecurity ninja from the National Cyber Security Center. He'll be dropping knowledge on "Hack the Hackers: The Art of Blackhat Counterintelligence." Here's what you can expect: ???Fireside chats with industry leaders ????Hacking challenges to test your skills? ???Networking opportunities to connect with fellow hackers ???An epic after-party When: November 29, 2024, 8:00 a.m. (GMT+7) Where: M?venpick Hotel Hanoi Centre, Hanoi, Vietnam How: In-person only Act fast! Registration closes on November 28, 2024. Grab your spot now

Missed our sessions at #GITEX but still curious to catch up? Check out our YouTube playlist with recordings from the event: https://lnkd.in/dnJ-7s3H You can learn more about: 1?? "How to Achieve Better Results by Optimizing Cyber Budgets" by Mikhail Толчельников, Senior Business Consultant at Positive Technologies 2?? "DEPHAZE: Pre-launch for Partners" by Vladimir Gridnev, Head of International Presale at Positive Technologies 3?? "MENA 2024: APT-Groups and the Latest Cases" by Denis Kuvshinov, Head of Threat Intelligence at Positive Technologies 4?? "The Role of Artificial Intelligence in Cybersecurity" by Ivor Rankin, Technical Director, GC6 5?? "Building Industry-Specific Security Operations Centers (SOCs)" by Evgeniy Borodulin, Deputy Chief Technical Officer at Positive Technologies 6?? "Exposing and Fixing Physical Access Vulnerabilities" by Anton S., Pre-sales Architect at Positive Technologies 7?? "The Practical Guide to Answering the CEO’s Question: 'Are We Secure?'" by Alexey Lukatsky, Managing Director and Cybersecurity Business Consultant at Positive Technologies 8?? Starting a Career in Cybersecurity: The Path to Becoming a White-Hat Hacker by Nidal Al Jabi, Positive Hack Camp alumni And don’t forget to subscribe to our YouTube channel for more useful content!

Microsoft released an update for a range of Windows products to resolve the vulnerability discovered by Sergey Tarasov from the Positive Technologies Expert Security Center (PT ESC). Updates were released for Windows 10, Windows 11, Windows Server 2025, Windows Server 2022, and Windows Server 2019. The vulnerability received a CVSS 3.1 score of 7.8 with a severity level of Important: https://lnkd.in/ebQ5J2SB? "Once an attacker gets onto a victim's computer, they can exploit an LPE (Local Privilege Escalation) vulnerability to then take over the system and follow through with the attack. The vulnerability was discovered as part of a regular study of popular programs and the vendor was informed immediately as part of the responsible disclosure policy. The Microsoft team patched the issue shortly after, and all users should install the update as soon as possible," commented Sergey Tarasov, Head of the PT Expert Security Center Vulnerability Analysis Group.? The PT ESC shares that the described technique is used to gain access to a system's most critical components and follow through on the next stages of an attack. #Cybersecurity #ZeroDay #VulnerabilityManagement #CyberThreats #PTESC

Mid-October marked Positive Technologies' second time at #GITEX2024 — the biggest IT show in the Middle East! We showcased real-world use cases of our cybersecurity products, while our experts delivered nearly 60 presentations over the five days. ?? Highlights from Eugeniya Popova, Director of International Business Development at Positive Technologies: "Companies in the region are very enthusiastic about our idea to automate cybersecurity processes with the help of MaxPatrol O2—a solution that automatically identifies cyberattack chains and responds to them. We receive a lot of interest from partners who specialize in specific areas, such as OT infrastructure security. They appreciate the scale and depth of our offer, including PT ICS, a comprehensive solution for protecting the industrial IT and OT infrastructure. Our expertise in application security and secure development, incorporated in our product PT Application Inspector, is also in high demand." We will continue expanding our partner network in and beyond the Middle East, with new agreements underway. Given that over half of the recent attacks target the region's public sector, industry, telecom, and IT—plus a 70% rise in DDoS attacks across Gulf countries—building continuous, automated protection is more essential than ever. Thanks to everyone who visited us, see you at the next events! ??

Last week, we had an insightful experience at the Regional Cybersecurity Week in Muscat, Oman! ???? We showcased #cybersecurity solutions at the branded booth, joined the conference with a speech in the business program, and tailored several proposals to support B2G initiatives, bolster national #CERT capabilities, and secure electoral processes. We also took part in the awards ceremony not once, but twice—both as speakers and as a participating company. Here’s to strengthening cybersecurity cooperation!