FreshRSS

☐ β˜† βœ‡ The Hacker News

Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw

By: Newsroom — April 15th 2024 at 16:51
A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While the original shortcoming was discovered and patched by the Lighttpd maintainers way back in August 2018 with version 1.4.51, the lack of a CVE identifier or an advisory meant that
☐ β˜† βœ‡ The Hacker News

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

By: Newsroom — April 4th 2024 at 11:15
New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024. "Many HTTP/2 implementations do not properly limit or sanitize the
☐ β˜† βœ‡ The Hacker News

How to Analyze Malware’s Network Traffic in A Sandbox

By: The Hacker News — December 13th 2023 at 12:02
Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll need to address them. Decrypting HTTPS traffic Hypertext Transfer Protocol Secure (HTTPS), the protocol for secure
☐ β˜† βœ‡ The Hacker News

Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software

By: Newsroom — December 8th 2023 at 09:52
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit
☐ β˜† βœ‡ The Hacker News

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

By: Newsroom — November 15th 2023 at 13:49
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands. It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,
The Hacker News

Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw

By: Newsroom — October 26th 2023 at 13:00
Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). "The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic in Q3 compared to the previous quarter," the web infrastructure
The Hacker News

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks

By: Newsroom — October 10th 2023 at 15:24
Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as CVE-2023-44487,
The Hacker News

ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC

By: Ravie Lakshmanan — June 16th 2023 at 13:54
The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor's capabilities. The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS (DoH) tunneling. ChamelGang was first outed by Russian cybersecurity firm Positive Technologies in September 2021,
Naked Security

Feds warn about right Royal ransomware rampage that runs the gamut of TTPs

By: Paul Ducklin — March 3rd 2023 at 17:56
Wondering which cybercrime tools, techniques and procedures to focus on? How about any and all of them?

☐ β˜† βœ‡ Naked Security

QNAP warns of new bugs in its Network Attached Storage devices

By: Paul Ducklin — April 22nd 2022 at 15:15
Here's what you need to know - plus some sensible advice for all the devices on your home or small biz network!

☐ β˜† βœ‡ Naked Security

Wormable Windows HTTP hole – what you need to know

By: Paul Ducklin — January 12th 2022 at 16:24
One bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability".

☐ β˜† βœ‡ Naked Security

Apache’s other product: Critical bugs in ‘httpd’ web server, patch now!

By: Paul Ducklin — December 21st 2021 at 17:57
The Apache web server just got an update - this one is nothing to do with Log4j!

❌