Check your IP cameras: There’s a new Mirai botnet on the rise

August 31, 2024 at 02:28PM An outdated series of IP cameras has been exploited to create a new Mirai botnet. Akamai reported the active campaign leveraging the remote code execution (RCE) vulnerability in AVTECH AVM1203 IP cameras, which have been discontinued since 2019. The botnet also exploits other old vulnerabilities, emphasizing the importance of maintaining …

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports

August 28, 2024 at 02:03AM The U.S. Cybersecurity and Infrastructure Security Agency has added a critical security flaw in the Apache OFBiz system to its Known Exploited Vulnerabilities catalog. The flaw, CVE-2024-38856, allows remote code execution and carries a CVSS score of 9.8. Organizations are advised to update to version 18.12.15 by September 17, 2024 …

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

August 6, 2024 at 12:36AM A critical pre-authentication remote code execution vulnerability (CVE-2024-38856) has been discovered in the Apache OFBiz ERP system, with a CVSS score of 9.8. It allows unauthenticated access to critical endpoints, potentially leading to remote code execution. This follows a patch bypass for a previous vulnerability (CVE-2024-36104) and comes amid active exploitation …

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal

August 2, 2024 at 07:00AM Enterprise Resource Planning (ERP) Software, including the open-source framework OFBiz, faces critical security vulnerabilities, as demonstrated by the exploitation of a directory traversal flaw. The SANS Internet Storm Center reported an increase in exploit attempts, with attackers targeting OFBiz using the Mirai botnet. The vulnerabilities pose a threat to sensitive …

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

May 9, 2024 at 07:49AM Two security flaws in Ivanti Connect Secure devices are exploited by the Mirai botnet, as per Juniper Threat Labs. Vulnerabilities CVE-2023-46805 and CVE-2024-21887 allow attackers to execute arbitrary code and deploy malware on susceptible instances. This comes as SonicWall reports a fake Windows File Explorer executable installing a cryptocurrency miner. …

New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024

April 30, 2024 at 03:03AM The UK NCSC urges smart device manufacturers to comply with the new PSTI act, prohibiting default passwords. This aims to enhance ongoing protection against cyber attacks for consumers. Failure to comply may result in recalls and fines of up to £10 million or 4% of global revenues. This makes the …

Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks

April 9, 2024 at 02:15AM Security flaws in legacy D-Link NAS devices are being exploited by threat actors, impacting over 92,000 internet-exposed devices. The vulnerabilities allow arbitrary command execution, potentially leading to unauthorized access and denial-of-service conditions. No patches are expected, and users are advised to replace affected devices or firewall remote access. Attackers are …

CISA Warns of Pixel Phone Vulnerability Exploitation

March 6, 2024 at 06:54AM CISA added CVE-2023-21237 impacting Pixel phones and CVE-2021-36380 impacting Sunhillo SureLine to its Known Exploited Vulnerabilities catalog. Both vulnerabilities have potential security risks, affecting Pixel phone users and the aviation industry. Federal agencies must address these flaws by March 26, with all organizations urged to prioritize vulnerability management. From the …

New Findings Challenge Attribution in Denmark’s Energy Sector Cyberattacks

January 14, 2024 at 04:51AM Forescout’s recent findings reveal that the cyber attacks on Denmark’s energy sector in 2023, involving a Zyxel firewall vulnerability and the Mirai botnet, were not linked to the Russia-based Sandworm group. The attacks consisted of two separate waves and targeted multiple entities across Europe and the U.S., posing ongoing threats to critical …

QNAP VioStor NVR vulnerability actively exploited by malware botnet

December 16, 2023 at 11:53AM Akamai’s Security Intelligence Response Team discovered the ‘InfectedSlurs’ botnet exploiting zero-day vulnerabilities in routers and QNAP VioStor NVR devices, resulting in a DDoS swarm. Two vulnerabilities, CVE-2023-49897 and CVE-2023-47565, were leveraged. Akamai published follow-up reports as security updates became available. Affected users are advised to update firmware, change passwords, and …