Apache ActiveMQ Vulnerability Exploited as Zero-Day

November 4, 2023 at 12:30PM An Apache ActiveMQ vulnerability, CVE-2023-46604, was exploited maliciously prior to patch releases, according to Huntress. Thousands of vulnerable internet-exposed instances are still at risk. Evidence suggests the exploitation began as a zero-day on October 10, with attackers attempting to deliver HelloKitty ransomware. Users are urged to update ActiveMQ to versions … Read more

The Week in Ransomware – November 3rd 2023 – Hive’s Back

November 3, 2023 at 05:10PM Ransomware attacks have been on the rise recently, with various organizations falling victim, including the Toronto Public Library, ACE Hardware, Mr. Cooper, and the British Library. In response, a coalition of 40 countries will pledge to stop paying ransom demands. Microsoft also commits to enhancing security through its ‘Secure Future’ … Read more

Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware

November 2, 2023 at 05:17PM More than 3,000 Apache ActiveMQ Servers are at risk of a critical remote code execution vulnerability. An attacker has already started targeting the vulnerability to deploy ransomware. The flaw allows remote attackers to execute arbitrary commands on affected systems. Proof-of-concept exploit code and details of the vulnerability are publicly available, … Read more

HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks

November 2, 2023 at 12:23PM HelloKitty ransomware is exploiting a critical Apache ActiveMQ flaw to breach networks and encrypt devices. The flaw allows attackers to execute arbitrary shell commands. Despite a security update being released, there are still thousands of internet-exposed servers using a vulnerable version. Rapid7 reported instances of threat actors exploiting the flaw … Read more

The Week in Ransomware – October 13th 2023 – Increasing Attacks

October 13, 2023 at 06:31PM Ransomware attacks on enterprises are causing disruption and data breaches. Recent attacks include Air Canada being targeted by BianLian, and state courts in Northwest Florida being attacked by ALPHV. Simpson Manufacturing experienced a cybersecurity incident, and a threat actor leaked the source code for the Hello Kitty ransomware. Ransomware trends … Read more