GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

November 29, 2023 at 12:18AM
A critical security flaw in Apache ActiveMQ (CVE-2023-46604) is being exploited to distribute the GoTitan botnet and PrCtrl Rat malware for remote control of infected systems. Threat groups like Lazarus are using the flaw to deliver various payloads, including DDoS bots and cryptojackers. Meeting Takeaways: 1. A critical security flaw …

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

November 21, 2023 at 05:12AM
Kinsing threat actors are using a critical security flaw in Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. The malware deploys a cryptocurrency mining script that utilizes the host’s resources, causing damage to infrastructure and system performance. The group adapts to new vulnerabilities and targets misconfigured …

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

November 15, 2023 at 09:45AM
A critical security flaw in Apache ActiveMQ, tracked as CVE-2023-46604, allows threat actors to execute arbitrary code in memory. The flaw has been exploited by ransomware groups, deploying ransomware like HelloKitty and a strain similar to TellYouThePass, as well as a remote access trojan called SparkRAT. The attacks rely on …

Apache ActiveMQ Vulnerability Exploited as Zero-Day

November 4, 2023 at 12:30PM
An Apache ActiveMQ vulnerability, CVE-2023-46604, was exploited maliciously prior to patch releases, according to Huntress. Thousands of vulnerable internet-exposed instances are still at risk. Evidence suggests the exploitation began as a zero-day on October 10, with attackers attempting to deliver HelloKitty ransomware. Users are urged to update ActiveMQ to versions …

HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks

November 2, 2023 at 12:23PM
HelloKitty ransomware is exploiting a critical Apache ActiveMQ flaw to breach networks and encrypt devices. The flaw allows attackers to execute arbitrary shell commands. Despite a security update being released, there are still thousands of internet-exposed servers using a vulnerable version. Rapid7 reported instances of threat actors exploiting the flaw …

HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

November 2, 2023 at 05:30AM
Researchers have identified a critical security flaw in the Apache ActiveMQ message broker service that could allow remote code execution. The flaw has been exploited to deploy HelloKitty ransomware on target systems. The vulnerability has a severity score of 10.0 and has been addressed in the latest ActiveMQ versions. Users …