Skip to content
Security News, Assessments & Alerts Page 201

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

?Jan 13, 2024?NewsroomCryptojacking / Cloud Security A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person, described as… 

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. “These families… 

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

?Jan 12, 2024?NewsroomCryptocurrency / Malware Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. “This attack is particularly intriguing due to the… 

CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

?Jan 12, 2024?NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active… 

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

?Jan 11, 2024?NewsroomVulnerability / Cyber Attack Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident… 

New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms

New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms

?Jan 11, 2024?NewsroomCloud Security / Cyber Attacks A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS),…