Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers

December 28, 2023 at 11:21AM Apache OFBiz, utilized for business operations, contains a critical pre-authentication remote code execution vulnerability, CVE-2023-49070, actively being exploited. A patch to resolve the issue was found incomplete, resulting in the discovered bypass flaw, CVE-2023-51467. The urgency for users to upgrade to version 18.12.11 is emphasized due to the risk of … Read more

Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users

December 14, 2023 at 09:14AM Summary: Authorities warn that Russia’s SVR’s cyber unit is exploiting a critical vulnerability in JetBrains TeamCity CI/CD server. The exploit could enable manipulation of source code, and potentially facilitate future attacks. The advisory outlines the SVR’s cyber operations and their long-term objectives in cyberspace. Mitigations and indicators of compromise are … Read more

Hackers start exploiting critical ownCloud flaw, patch now

November 28, 2023 at 11:16AM Hackers are actively exploiting a critical vulnerability in the ownCloud file synchronization software that could lead to data breaches. The flaw, tracked as CVE-2023-49103, allows attackers to access sensitive information such as admin passwords, mail server credentials, and license keys. The vulnerability affects both containerized and non-containerized deployments, and administrators … Read more

Exploitation of Critical ownCloud Vulnerability Begins

November 28, 2023 at 10:00AM Threat actors are actively exploiting a critical information disclosure vulnerability in ownCloud’s Graphapi app. The vulnerability allows attackers to retrieve sensitive credentials and system information. The flaw affects Graphapi versions 0.2.0 to 0.3.0 and cannot be mitigated by disabling the app alone. Administrators are urged to follow the mitigation steps … Read more

HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks

November 2, 2023 at 12:23PM HelloKitty ransomware is exploiting a critical Apache ActiveMQ flaw to breach networks and encrypt devices. The flaw allows attackers to execute arbitrary shell commands. Despite a security update being released, there are still thousands of internet-exposed servers using a vulnerable version. Rapid7 reported instances of threat actors exploiting the flaw … Read more