Someone is roping Apache NiFi servers into a cryptomining botnet
If you’re running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on someone else’s behalf. The attack Indicators of the ongoing campaign were.....»»
Hackers are targeting exposed MS SQL servers with Mimic ransomware
Hackers are brute-forcing exposed MS SQL database servers to deliver Mimic ransomware, Securonix researchers are warning. About Mimic ransomware Mimic ransomware was first spotted in the wild in June 2022 and analyzed by Trend Micro researchers in Ja.....»»
Linux devices are under attack by a never-before-seen worm
Based on Mirai malware, self-replicating NoaBot installs cryptomining app on infected devices. For the past year, previously unknown self-replicating malware has been compromising Linux dev.....»»
Millions still haven’t patched Terrapin SSH protocol vulnerability
Terrapin isn't likely to be mass-exploited, but there's little reason not to patch. Roughly 11 million Internet-exposed servers remain susceptible to a recently discovered vulnerability tha.....»»
Linux SSH servers are under attack once again
Hackers want to install DDoS tools and cryptominers on poorly protected endpoints......»»
Fujitsu Japan spins off PC and hardware business
Fujitsu hopes Fsas Technologies spinoff will hit the ground running in April 2024 with servers, storage, and more......»»
NordVPN app now available on Apple TV
With the tvOS 17 update, Apple TV now supports native VPN apps. Today, NordVPN launches its VPN app for Apple TV, allowing simple on-device setup to connect to its swarm of fast and secure servers......»»
Qakbot returns in fresh assault on hospitality sector
The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing campaign attempting to deliver it to targets in the hospitality industry. Qakb.....»»
Week in review: Apache Struts vulnerability exploit attempt, EOL Sophos firewalls get hotfix
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SCS 9001 2.0 reveals enhanced controls for global supply chains In this Help Net Security interview, Mike Regan, VP of Business Performance at TIA,.....»»
Russian hackers target unpatched JetBrains TeamCity servers
Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned. The targets APT 29.....»»
Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)
Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. “Attackers aim to deploy webshells, with some cases targeting the parameter .....»»
DNSFilter introduces new capability to filter generative AI
DNSFilter announced the expansion of its protective DNS software with a new Generative AI category. DNSFilter’s defense provides organizations of all sizes the ability to secure their network against harmful threats such as malware, botnet, and.....»»
Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns
Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant a.....»»
New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)
The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution (CVE-2023-50164). About CVE-2023-50164 CVE-2023-50164 may allow an.....»»
CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)
Unknown attackers have leveraged a critical vulnerability (CVE-2023-26360) in the Adobe ColdFusion application development platform to access government servers, the Cybersecurity and Infrastructure Security Agency (CISA) has shared. About the exploi.....»»
Voltron Data Theseus helps organizations solve data processing challenges
Voltron Data introduced Theseus, a distributed execution engine built to solve today’s data processing challenges at a scale beyond the capabilities of CPU-based analytics systems like Apache Spark. Theseus is available to enterprises and governmen.....»»
Dremio introduces GenAI-powered data documentation and labeling to reduce manual work
Dremio has unveiled AI-powered data discovery capabilities that accelerate and simplify data contextualization and description for analytics, along with improved capabilities that extend its leadership as the analytics engine for Apache Iceberg. Expa.....»»
ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation
Easy-to-exploit flaw can give hackers passwords and cryptographic keys to vulnerable servers. Security researchers are tracking what they say is the “mass exploitation” of a security vu.....»»
Week in review: LockBit exploits Citrix Bleed, Apache ActiveMQ bug exploited for cryptojacking
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PolarDNS: Open-source DNS server tailored for security evaluations PolarDNS is a specialized authoritative DNS server that allows the operator to pr.....»»
Are rents rising in your neighborhood? Don't blame the baristas
Baristas who work in specialty coffee shops, along with hipsters more generally, have been referred to as the "shock troops" of urban gentrification—and it's no different in Philadelphia. These servers of artisanal coffee contribute to economic and.....»»
Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet
Internet scans show 7,000 devices may be vulnerable. The true number could be higher. Miscreants are actively exploiting two new zero-day vulnerabilities to wrangle routers.....»»