FreshRSS

🔒
❌ Secure Planet Training Courses Updated For 2019 - Click Here
There are new available articles, click to refresh the page.
☐ ☆ ✇ The Hacker News

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

By: Newsroom — May 23rd 2024 at 16:44
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, an open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2020-17519, the issue relates to a case of improper access control that
☐ ☆ ✇ The Hacker News

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking

By: Newsroom — March 22nd 2024 at 13:45
Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances. The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.
☐ ☆ ✇ The Hacker News

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries

By: Newsroom — January 22nd 2024 at 16:35
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. "Access to projects can be hijacked through domain name purchases and since most default build configurations are vulnerable, it would be difficult or even impossible to know whether an attack was being performed
☐ ☆ ✇ The Hacker News

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

By: Newsroom — January 12th 2024 at 07:56
Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is particularly intriguing due to the attacker's use of packers and rootkits to conceal the malware," Aqua security researchers Nitzan Yaakov and Assaf Morag said in an analysis published earlier
☐ ☆ ✇ The Hacker News

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

By: Newsroom — January 11th 2024 at 14:16
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (CVE-
☐ ☆ ✇ The Hacker News

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack

By: Newsroom — January 10th 2024 at 04:50
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.
☐ ☆ ✇ The Hacker News

New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now

By: Newsroom — December 12th 2023 at 05:23
Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked as CVE-2023-50164, the vulnerability is rooted in a flawed "file upload logic" that could enable unauthorized path traversal and could be exploited under the circumstances to upload a malicious file
☐ ☆ ✇ The Hacker News

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

By: Newsroom — December 6th 2023 at 09:18
Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below - CVE-2022-1471 (CVSS score: 9.8) - Deserialization vulnerability in SnakeYAML library that can lead to remote code execution in multiple products CVE-2023-22522 (CVSS score
☐ ☆ ✇ The Hacker News

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

By: Newsroom — November 29th 2023 at 05:07
The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts. The attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS score: 10.0)
☐ ☆ ✇ The Hacker News

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

By: Newsroom — November 21st 2023 at 10:00
The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host's resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative
☐ ☆ ✇ The Hacker News

Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking

By: Newsroom — November 20th 2023 at 09:16
Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it possible to recover passwords and gain unauthorized access to a multitude of wallets spanning several blockchain platforms. "Randstorm() is a term we coined to describe a collection of bugs, design decisions, and API changes that, when brought in contact with each other, combine
☐ ☆ ✇ The Hacker News

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

By: Newsroom — November 15th 2023 at 13:49
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands. It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,
☐ ☆ ✇ The Hacker News

Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws

By: Newsroom — November 7th 2023 at 07:14
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber (aka C3RB3R) ransomware. Both vulnerabilities are critical, allowing threat
☐ ☆ ✇ The Hacker News

HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

By: Newsroom — November 2nd 2023 at 04:27
Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations," cybersecurity firm Rapid7 disclosed in a
☐ ☆ ✇ The Hacker News

Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

By: THN — September 7th 2023 at 11:02
Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1) plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset’s metadata database. Outside of these
☐ ☆ ✇ The Hacker News

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

By: THN — July 20th 2023 at 15:56
Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an unexpected state, which allows them to take over any user account, including the admin account," Sonar vulnerability
☐ ☆ ✇ The Hacker News

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

By: Ravie Lakshmanan — May 31st 2023 at 15:44
A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for “/nifi” on May 19, 2023. “Persistence is achieved via timed processors or entries to cron,” said Dr.
☐ ☆ ✇ The Hacker News

Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks

By: Ravie Lakshmanan — April 26th 2023 at 09:29
The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution. The vulnerability, tracked as CVE-2023-27524 (CVSS score: 8.9), impacts versions up to and including 2.0.1 and relates to the use of a default SECRET_KEY that could be abused by attackers to authenticate and access
❌