A recent Apache ActiveMQ vulnerability that allows remote code execution is reportedly being exploited in real-world attacks. Analysts noticed several exploitation cases that used this vulnerability to infect Linux systems with Kinsing malware. It is rare to see a high-profile vulnerability exploited to infect Linux machines exclusively. Apache ActiveMQ Vulnerability Allows for RCE Analysts… Continue reading Apache ActiveMQ Vulnerability Exploited In The Wild
Author: Stephanie Adlam
I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.
Zimbra Vulnerability Exploited in the Wild
Google TAG’s recent discovery reveals a 0-day exploit, CVE-2023-37580, targeting Zimbra Collaboration. This is a Cross-Site Scripting (XSS) vulnerability exploited in four campaigns. Zero-day discovery was patched A severe vulnerability has been discovered in the Zimbra email software. Four hacker groups exploited vulnerabilities to steal email data, user credentials, and tokens. According to the Google… Continue reading Zimbra Vulnerability Exploited in the Wild
ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC
Ransomware Gang ALPHV Takes Unprecedented Step: Files SEC Complaint Over Alleged Victim’s Undisclosed Breach. And no, this is not a joke from ChatGPT. Hackers from the BlackCat/ALPHV group found yet another way to make the victim pay the ransom. ALPHV Files SEC Complaint The ALPHV/BlackCat group filed a complaint with the U.S. Securities and Exchange Commission (SEC)… Continue reading ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC
VMware Cloud Director Vulnerability Circumvents Authentication
VMware, a key player in virtualization services, is reaching out to users about a critical security issue in its Cloud Director. Tracked under CVE-2023-34060, this vulnerability, with a CVSS score of 9.8, specifically affects instances that have undergone an upgrade to version 10.5 from previous versions. VMware Cloud Director Vulnerability Allows for Unauthorized Access Discovered… Continue reading VMware Cloud Director Vulnerability Circumvents Authentication
IPStorm Botnet Stopped by the FBI, Operator Detained
The FBI has successfully dismantled the notorious IPStorm botnet and apprehended its operator. The operation took place back in September, with the key operator, Sergei Makinin, detained around this time. FBI Dismantles IPStorm Botnet The Federal Bureau of Investigation has successfully suspended the activity of the notorious IPStorm botnet. As a result, they have ended… Continue reading IPStorm Botnet Stopped by the FBI, Operator Detained
Plume Hacked, Data Leaked in the Darknet
An anonymous hacker posted about a Plume data breach on the Darknet. The hacker says they have stolen the personal information of millions of users and threatens to release the data unless the company pays them a ransom. What is Plume? Plume Design, Inc. develops and sells smart home Wi-Fi mesh networking systems. Its flagship… Continue reading Plume Hacked, Data Leaked in the Darknet
Moneris Hacked, Medusa Ransomware Claims
The notorious Medusa ransomware group claims to have hacked Canadian fintech giant Moneris. The claim sends shockwaves through the country’s financial sector. The group is known for its aggressive tactics and audacious targets. They have demanded a ransom of $6 million in exchange for stolen data and the prevention of further disruption.… Continue reading Moneris Hacked, Medusa Ransomware Claims
LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked
In a cybersecurity nightmare, Boeing, a global aerospace and defense titan, has fallen victim to the notorious LockBit ransomware group. It resulted in the exposure of a staggering 50 gigabytes of sensitive data. The breach came to light on November 15, 2023, as LockBit made good on its threat. They published Boeing’s confidential information after… Continue reading LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked
SLP DDoS Amplification Vulnerability Actively Exploited
In a recent development, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over an actively exploited high-severity flaw in the Service Location Protocol (SLP). Designated as CVE-2023-29552, the vulnerability poses a significant threat, allowing attackers to execute denial-of-service (DoS) attacks with a substantial amplification factor. This revelation follows the disclosure of the… Continue reading SLP DDoS Amplification Vulnerability Actively Exploited
What is Microsoft Security Warning Scam?
Fraudsters massively employ Microsoft Azure hosting to launch Microsoft Security scam pages. They range from a scary warning that blocks your browser window to phishing pages indistinguishable from the real ones. Let’s see the most typical types of these scams and their features. What is Windows Defender Security Warning? Fake Windows Defender Security Warning (Microsoft Security… Continue reading What is Microsoft Security Warning Scam?