Skip to content
information security Page 161

information security

Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks

Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks

?Jan 22, 2024?NewsroomVulnerability / Malware Cybersecurity researchers are warning of a “notable increase” in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts. “The… 

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

?Jan 20, 2024?NewsroomNetwork Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited… 

Microsoft’s Top Execs’ Emails Breached in Sophisticated Russia-Linked APT Attack

Microsoft’s Top Execs’ Emails Breached in Sophisticated Russia-Linked APT Attack

?Jan 20, 2024?NewsroomCyber Espionage / Emails Security Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior… 

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

?Jan 19, 2024?NewsroomMalware / Endpoint Security Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. “These applications are being hosted on Chinese pirating… 

Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package

Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package

?Jan 19, 2024?NewsroomSoftware Security / Spyware A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named “oscompatible,” was published on January… 

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it’s being actively…