Volt Typhoon suspected of exploiting Versa SD-WAN bug since June

August 29, 2024

In a new cyber espionage campaign, China’s Volt Typhoon is suspected of exploiting a high-severity vulnerability in Versa SD-WAN software, posing a significant threat to U.S. critical infrastructure. The flaw, tracked as CVE-2024-39717, has allowed attackers to plant credential-harvesting web shells on affected networks. Doug Britton, Chief Strategy Officer at RunSafe Security, explains that this attack aligns with Volt Typhoon’s known tactics of targeting edge systems to infiltrate and exploit critical infrastructure. Britton emphasizes the urgency for secure-by-design approaches to mitigate such risks and future-proof technologies against both known and unknown vulnerabilities.

Perspectives on XSS Vulnerabilities with RunSafe’s CTO

XSS vulnerabilities are a 30-year-old security flaw that won't go away. Recently, CISA and the FBI sounded the alarm on cross-site scripting - but why now? And could AI make the problem even worse? Shane Fry, CTO at RunSafe Security, and industry experts weighed in on...

read more

RunSafe CTO Discusses The Spacecraft Cybersecurity Act

Shane Fry, CTO at RunSafe Security, joined the Federal News Network on The Space Hour podcast to discuss The Spacecraft Cybersecurity Act and what spacecraft manufacturers can do to build cyber protections in during the manufacturing stage. "A lot of software running...

read more