Vulnerable Apache Solr, Redis, Windows servers hit with cryptominers
Vulnerable servers of all kinds are being targeted, compromised and made to mine cryptocurrencies for the attackers. Apache Solr servers under attack SANS ISC handler Renato …
exploit
IoT botnet bypasses firewalls to get to ZyXEL modems
NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: …
Server-side exploits dominate the threat landscape
Skybox Security released its inaugural Vulnerability and Threat Trends Report, which analyzes vulnerabilities, exploits and threats in play in 2017. Cybercrime is a …
About the Flash zero-day currently exploited in the wild
The zero-day Flash Player vulnerability (CVE-2018-4878) that Adobe warned about on Thursday was leveraged by North Korean hackers. FireEye calls the group TEMP.Reaper and …
AutoSploit: Automated mass exploitation of remote hosts using Shodan and Metasploit
A “cyber security enthusiast” that goes by VectorSEC on Twitter has published AutoSploit, a Python-based tool that takes advantage of Shodan and Metasploit modules …
IoT malware targeting zero-day vulnerabilities
Once it became evident that IoT devices can be relatively easily enslaved in botnets and that even their limited power can be used for a variety of nefarious purposes, it was …
PyCryptoMiner ropes Linux machines into Monero-mining botnet
A Linux-based botnet that has been flying under the radar has earned its master at least 158 Monero (currently valued around $63,000). The malware The botnet is based on a …
Spoofed IRS notice delivers RAT through link updating trick
The malware delivery trick involving updating links in Word documents is apparently gaining some traction: the latest campaign to use it likely takes the form of fake emails …
Easily exploitable Apache Struts vulnerability opens businesses to attack
A critical vulnerability in Apache Struts, a popular open source framework for developing web applications, opens any server running an app built using it to remote attackers. …
Attackers turn to auto-updating links instead of macros to deliver malware
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately …
