Author: Stephanie Adlam

I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.

Apache ActiveMQ Vulnerability Exploited In The Wild

Hackers actively exploit the vulnerability in Apache ActiveMQ, detected back in October 2023

Recent Apache ActiveMQ vulnerability, that allows for remote code execution, is reportedly exploited in real-world attacks. Analysts noticed several exploitation cases that used this vulnerability to infect Linux systems with Kinsing malware. That is a rare sight of a high-profile vulnerability being exploited to infect exclusively Linux machines. Apache ActiveMQ Vulnerability Allows for RCE Analysts… Continue reading Apache ActiveMQ Vulnerability Exploited In The Wild

Zimbra Vulnerability Exploited in the Wild

Zimbra has patched a vulnerability exploited by several threat actors.

Google TAG’s recent discovery reveals a 0-day exploit, CVE-2023-37580, targeting Zimbra Collaboration. This is a Cross-Site Scripting (XSS) vulnerability exploited in four campaigns. Zero-day discovery was patched A severe vulnerability has been discovered in the Zimbra email software. Four hacker groups exploited vulnerabilities to steal email data, user credentials, and tokens. According to the Google… Continue reading Zimbra Vulnerability Exploited in the Wild

ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC

Ransomware operators made use of the recent law to force the victim to pay the ransom

Ransomware Gang ALPHV Takes Unprecedented Step: Files SEC Complaint Over Alleged Victim’s Undisclosed Breach. And no, this is not a joke from ChatGPT. Hackers from BlackCat/ALPHV group found yet another way to make the victim pay the ransom. ALPHV Files SEC Compliant The ALPHV/BlackCat filed a complaint with the U.S. Securities and Exchange Commission (SEC)… Continue reading ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC

VMWare Cloud Director Vulnerability Circumvents Authentication

VMware reported an unpatched vulnerability affecting Cloud Director appliance deployments.

VMware, a key player in virtualization services, is reaching out to users about a critical security issue in its Cloud Director. Tracked under CVE-2023-34060, this vulnerability, with a CVSS score of 9.8, specifically affects instances that have undergone an upgrade to version 10.5 from previous versions. VMWave Cloud Director Vulnerability Allows for Unauthorized Access Discovered… Continue reading VMWare Cloud Director Vulnerability Circumvents Authentication

IPStorm Botnet Stopped by the FBI, Operator Detained

The IPStorm is quiet now

The FBI has successfully dismantled the notorious IPStorm botnet and apprehended its operator. The operation took place back in September, with the key operator, Sergei Makinin, detained around this time. FBI Dismantles IPStorm Botnet The Federal Bureau of Investigation has successfully suspended the activity of the notorious IPStorm botnet. As a result, they have ended… Continue reading IPStorm Botnet Stopped by the FBI, Operator Detained

Plume Hacked, Data Leaked in the Darknet

Another organization has been hit by a data breach, as the Darknet forum post states

An anonymous hacker posted about a Plume data breach on the Darknet. The hacker says they have stolen the personal information of millions of users and threaten to release the data unless the company pays them a ransom. What is Plume? Plume Design, Inc. develops and sells smart home Wi-Fi mesh networking systems. Its flagship… Continue reading Plume Hacked, Data Leaked in the Darknet

Moneris Hacked, Medusa Ransomware Claims

Major Canadian fintech Moneris hacked by Medusa ransomware.

Canadian fintech giant Moneris has been claimed to have been hacked by the notorious Medusa ransomware group. It sends shockwaves through the country’s financial sector. The group is known for its aggressive tactics and audacious targets. They have demanded a ransom of $6 million in exchange for stolen data and the prevention of further disruption.… Continue reading Moneris Hacked, Medusa Ransomware Claims

LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked

50 GB of Boeing Data Leaked Days After Attack LockBit Ransomware

In a cybersecurity nightmare, Boeing, a global aerospace and defense titan, has fallen victim to the notorious LockBit ransomware group. It resulted in the exposure of a staggering 50 gigabytes of sensitive data. The breach came to light on November 15, 2023, as LockBit made good on its threat. They published Boeing’s confidential information after… Continue reading LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked

SLP DDoS Amplification Vulnerability Actively Exploited

Critical SLP vulnerability (CVE-2023-29552) exploited for high-impact DoS attacks.

In a recent development, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over an actively exploited high-severity flaw in the Service Location Protocol (SLP). Designated as CVE-2023-29552, the vulnerability poses a significant threat, allowing attackers to execute denial-of-service (DoS) attacks with a substantial amplification factor. This revelation follows the disclosure of the… Continue reading SLP DDoS Amplification Vulnerability Actively Exploited

What is Microsoft Security Warning Scam?

Fake Microsoft tech support pages and phishing landings are hosted on Microsoft services

Fraudsteds massively employ Microsoft Azure hosting to start Microsoft Security scam pages. They range from a scary warning that blocks your browser window to a phishing pages, indistinguishable from real. Let’s see the most typical types of these scams and their features. What is Windows Defender Security Warning? Fake Windows Defender Security Warning (Microsoft Security… Continue reading What is Microsoft Security Warning Scam?