Skip to content
information security Page 165

information security

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

?Jan 12, 2024?NewsroomCryptocurrency / Malware Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. “This attack is particularly intriguing due to the… 

CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

?Jan 12, 2024?NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active… 

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

?Jan 11, 2024?NewsroomVulnerability / Cyber Attack Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident… 

New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms

New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms

?Jan 11, 2024?NewsroomCloud Security / Cyber Attacks A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS),… 

Mandiant’s X Account Was Hacked Using Brute-Force Attack

Mandiant’s X Account Was Hacked Using Brute-Force Attack

?Jan 11, 2024?NewsroomOnline Security / Cryptocurrency The compromise of Mandiant’s X (formerly Twitter) account last week was likely the result of a “brute-force password attack,” attributing the hack to a drainer-as-a-service (DaaS) group. “Normally, [two-factor… 

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure

?Jan 11, 2024?NewsroomCybersecurity / Zero-Day A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm…