Security News

A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept exploit making an appearance on GitHub. The Apache Tomcat open-source web server supports various JavaScript-based technologies, including the Apache JServ Protocol interface, which is where the vulnerability resides.

For the first time ever, the Apache Pulsar PMC team is publishing a user survey report. The 2020 Apache Pulsar User Survey Report reveals Pulsar's accelerating rate of global adoption, details how organizations are leveraging Pulsar to build real-time streaming applications, and highlights key features on Pulsar's product roadmap.

WordPress and Apache Struts vulnerabilities were the most-targeted by cybercriminals in web and application frameworks in 2019 - while input-validation bugs edged out cross-site scripting as the most-weaponized weakness type. The firm found that WordPress and Apache Struts alone accounted for a combined 57 percent of exploited framework bugs during the year.

A study that analyzed all the vulnerability disclosures between 2010 and 2019 found that around 55% of all the security bugs that have been weaponized and exploited in the wild were for two major application frameworks, namely WordPress and Apache Struts. The Drupal content management system ranked third, followed by Ruby on Rails and Laravel, according to a report published this week by risk analysis firm RiskSense.

Among the report's key findings, total framework vulnerabilities in 2019 went down but the weaponization rate went up, WordPress and Apache Struts had the most weaponized vulnerabilities, and input validation surpassed cross-site scripting as the most weaponized weakness in the frameworks examined. "Even if best application development practices are used, framework vulnerabilities can expose organizations to security breaches. Meanwhile, upgrading frameworks can be risky because changes can affect the behavior, appearance, or inherent security of applications," said Srinivas Mukkamala, CEO of RiskSense.

Hackers have started scanning the web in search of Apache Tomcat servers affected by a recently disclosed vulnerability tracked as CVE-2020-1938 and dubbed Ghostcat. Bad Packets told SecurityWeek on Wednesday that the scanning activity they have detected is designed to enumerate vulnerable servers by checking for the path "/WEB-INF/web.

A serious vulnerability affecting Apache Tomcat can be exploited to read files from a server and in some cases even to achieve remote code execution. Chaitin says the vulnerability is related to the Apache JServ Protocol protocol, which is designed to improve performance by proxying inbound requests from a web server through to an application server.

If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity 'file read and inclusion bug'-which can be exploited in the default configuration.

If you find port 80 is a security risk on your network, you can change the Apache listening port to something non-standard.

Add terminal- and web-based Apache access.log view with GoAccess.