Ex-Disney Worker Accused of Hacking Computer Menus to Add Profanities, Errors

November 2, 2024 at 06:21AM

A former Disney employee allegedly hacked the company’s servers to manipulate menus by changing prices, adding profanities, and altering notifications. This incident highlights potential security vulnerabilities within the organization.

**Meeting Notes Takeaways:**

1. **Incident Overview**: A former employee of Walt Disney World is accused of hacking into the servers.
2. …

Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

October 29, 2024 at 03:17PM

Over 22,000 CyberPanel instances faced a critical vulnerability exploited in a PSAUX ransomware attack, taking most offline. Security flaws in versions 2.3.6 and possibly 2.3.7 were identified, including defective authentication and command injection. Users are urged to upgrade immediately to mitigate risks and access potential decryption aid.

### Meeting Takeaways:

…

Near-‘perfctl’ Fileless Malware Targets Millions of Linux Servers

October 3, 2024 at 11:01AM

A potent and elusive Linux malware, “perfctl,” has been wreaking havoc worldwide for years, targeting millions of servers and compromising thousands. It utilizes a plethora of exploits to gain initial access, and its ambitions expand beyond cryptomining and proxyjacking. Recommendations for mitigating this threat include patching vulnerabilities, restricting file execution, …

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

August 3, 2024 at 01:06AM

Cybersecurity researchers disclosed a new DDoS attack campaign, Panamorfi, targeting misconfigured Jupyter Notebooks. The attack uses a Java-based tool, mineping, to launch a TCP flood DDoS attack on servers. Exploiting internet-exposed Jupyter Notebook instances, the attack aims to consume server resources and is attributed to the threat actor yawixooo. Previous …

Acronis warns of Cyber Infrastructure default password abused in attacks

July 26, 2024 at 12:46PM

Acronis warned customers to patch a critical Cyber Infrastructure security flaw allowing attackers to bypass authentication on vulnerable servers. The flaw, labeled CVE-2023-45249, impacts multiple Acronis Cyber Infrastructure products. Over 20,000 service providers and 750,000 businesses use Acronis Cyber Protect to protect their data. The company advises users to update …

Progress warns of critical RCE bug in Telerik Report Server

July 25, 2024 at 11:49AM

Progress Software has issued a warning to patch a critical remote code execution security flaw in the Telerik Report Server, impacting Report Server 2024 Q2 and earlier. This vulnerability allows attackers to gain remote code execution on unpatched servers. Progress advises upgrading to version 2024 Q2 (10.1.24.709) or later, offering …

Windows July security updates send PCs into BitLocker recovery

July 24, 2024 at 06:48AM

Some Windows devices may enter BitLocker recovery mode after installing the July 2024 Windows security updates. This is due to the Device Encryption option being enabled. Affected platforms include various Windows versions. Users impacted by this can unlock the drive using their BitLocker recovery key and Microsoft is investigating the …

Atlassian Patches High-Severity Vulnerabilities in Bamboo, Confluence, Jira

July 17, 2024 at 12:54PM

Atlassian released security updates to fix high-severity vulnerabilities in Bamboo, Confluence, and Jira products. Urgent attention was drawn to the Bamboo Data Center and Server updates, resolving two high-severity bugs. Patches for high-severity vulnerabilities in Confluence and Jira products were also released. Users are advised to apply patches promptly. From …

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

July 9, 2024 at 08:13AM

Researchers found that misconfigured Jenkins Script Console instances can be exploited for criminal activities, like cryptocurrency mining. Attackers can gain remote code execution and misuse sensitive data. The console lacks administrative controls and can be accessed over the internet due to misconfigurations. Safeguards include proper configuration, robust authentication, and restriction …

Details of Atlassian Confluence RCE Vulnerability Disclosed

June 4, 2024 at 10:15AM

A high-severity vulnerability, tracked as CVE-2024-21683, allows remote code execution in Atlassian Confluence Data Center and Server. Identified by SonicWall, the flaw requires user privileges to add and upload a malicious language file. Atlassian has released patches, yet threat actors could still target this and other known vulnerabilities. Key takeaways …