Security News > 2018 > March > Vulnerable Apache Solr, Redis, Windows servers hit with cryptominers
2018-03-09 19:53
Vulnerable servers of all kinds are being targeted, compromised and made to mine cryptocurrencies for the attackers. Apache Solr servers under attack SANS ISC handler Renato Marihno warns about an active campaign aimed at compromising Apache Solr servers. The campaign infected 1777 victims from February 28 to March 8. Of those, 1416 are Solr servers. The attackers are exploiting CVE-2017-12629 for gaining access to the vulnerable servers and delivering Monero-mining malware. The flaw dates back … More → The post Vulnerable Apache Solr, Redis, Windows servers hit with cryptominers appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/NH7_ViLY5S4/
Related news
- New Windows Server updates cause domain controller crashes, reboots (source)
- Microsoft confirms Windows Server issue behind domain controller crashes (source)
- Microsoft releases emergency fix for Windows Server crashes (source)
- Microsoft confirms memory leak in March Windows Server security update (source)
- Crypto miner arrested for skipping on $3.5 million in cloud server bills (source)
- Microsoft: Copilot ‘app’ on Windows Server mistakenly added by Edge (source)
- Microsoft: April Windows Server updates cause NTLM auth failures (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-14 | CVE-2017-12629 | XXE vulnerability in multiple products Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. | 9.8 |