#Metasploit – Xynik

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

April 17, 2024 by Xynik

April 17, 2024 at 07:12AM Cybersecurity researchers have uncovered a new campaign exploiting a vulnerability in Fortinet FortiClient EMS devices, allowing unauthorized code execution. The campaign, tracked by Forescout as Connect:fun, utilizes ScreenConnect and Metasploit Powerfun. Organizations are urged to patch the CVE-2023-48788 vulnerability, monitor for suspicious activity, and use a web application firewall for … Read more

Hacker Conversations: HD Moore and the Line Between Black and White

January 16, 2024 by Xynik

January 16, 2024 at 07:36AM The definition of a hacker is explored in an interview with HD Moore, who highlights the distinctions between moral, amoral, and immoral hacking based on intent and actions. He recounts his upbringing, early experiences of exploring technology, and the ethical dilemmas faced. The interview delves into the legal implications and … Read more

Apache ActiveMQ Vulnerability Exploited as Zero-Day

November 4, 2023 by Xynik

November 4, 2023 at 12:30PM An Apache ActiveMQ vulnerability, CVE-2023-46604, was exploited maliciously prior to patch releases, according to Huntress. Thousands of vulnerable internet-exposed instances are still at risk. Evidence suggests the exploitation began as a zero-day on October 10, with attackers attempting to deliver HelloKitty ransomware. Users are urged to update ActiveMQ to versions … Read more