Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

August 3, 2024 at 01:06AM Cybersecurity researchers disclosed a new DDoS attack campaign, Panamorfi, targeting misconfigured Jupyter Notebooks. The attack uses a Java-based tool, mineping, to launch a TCP flood DDoS attack on servers. Exploiting internet-exposed Jupyter Notebook instances, the attack aims to consume server resources and is attributed to the threat actor yawixooo. Previous …

Acronis warns of Cyber Infrastructure default password abused in attacks

July 26, 2024 at 12:46PM Acronis warned customers to patch a critical Cyber Infrastructure security flaw allowing attackers to bypass authentication on vulnerable servers. The flaw, labeled CVE-2023-45249, impacts multiple Acronis Cyber Infrastructure products. Over 20,000 service providers and 750,000 businesses use Acronis Cyber Protect to protect their data. The company advises users to update …

Progress warns of critical RCE bug in Telerik Report Server

July 25, 2024 at 11:49AM Progress Software has issued a warning to patch a critical remote code execution security flaw in the Telerik Report Server, impacting Report Server 2024 Q2 and earlier. This vulnerability allows attackers to gain remote code execution on unpatched servers. Progress advises upgrading to version 2024 Q2 (10.1.24.709) or later, offering …

Windows July security updates send PCs into BitLocker recovery

July 24, 2024 at 06:48AM Some Windows devices may enter BitLocker recovery mode after installing the July 2024 Windows security updates. This is due to the Device Encryption option being enabled. Affected platforms include various Windows versions. Users impacted by this can unlock the drive using their BitLocker recovery key and Microsoft is investigating the …

Atlassian Patches High-Severity Vulnerabilities in Bamboo, Confluence, Jira

July 17, 2024 at 12:54PM Atlassian released security updates to fix high-severity vulnerabilities in Bamboo, Confluence, and Jira products. Urgent attention was drawn to the Bamboo Data Center and Server updates, resolving two high-severity bugs. Patches for high-severity vulnerabilities in Confluence and Jira products were also released. Users are advised to apply patches promptly. From …

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

July 9, 2024 at 08:13AM Researchers found that misconfigured Jenkins Script Console instances can be exploited for criminal activities, like cryptocurrency mining. Attackers can gain remote code execution and misuse sensitive data. The console lacks administrative controls and can be accessed over the internet due to misconfigurations. Safeguards include proper configuration, robust authentication, and restriction …

Details of Atlassian Confluence RCE Vulnerability Disclosed

June 4, 2024 at 10:15AM A high-severity vulnerability, tracked as CVE-2024-21683, allows remote code execution in Atlassian Confluence Data Center and Server. Identified by SonicWall, the flaw requires user privileges to add and upload a malicious language file. Atlassian has released patches, yet threat actors could still target this and other known vulnerabilities. Key takeaways …

Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years

May 15, 2024 at 07:06AM Ebury, a sophisticated malware botnet, has compromised 400,000 Linux servers since 2009, with over 100,000 still affected as of late 2023. It is employed for various nefarious activities such as spam distribution, web traffic redirection, and credential theft, as well as cryptocurrency heists and credit card stealing. The threat actors …

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution

May 6, 2024 at 10:54AM A critical unpatched security flaw in the Tinyproxy service impacts more than half of the 90,310 exposed hosts, making them vulnerable to remote code execution. The vulnerability, with a CVSS score of 9.8, affects versions 1.10.0 and 1.11.1 and is being actively exploited. Users are urged to update to the …

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

April 4, 2024 at 08:03AM New research has revealed a vulnerability in the HTTP/2 protocol, named HTTP/2 CONTINUATION Flood, which can be exploited to conduct denial-of-service (DoS) attacks. The issue affects multiple HTTP/2 implementations and could lead to server crashes, performance degradation, and memory exhaustion. Upgrading affected software or temporarily disabling HTTP/2 is recommended. After …