Security News

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
2024-01-12 07:56

Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is...

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
2024-01-11 14:16

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to...

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe , D-Link, Joomla Under Attack
2024-01-10 04:50

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This...

Apache OFBiz zero-day pummeled by exploit attempts after disclosure
2024-01-08 17:45

SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight. If you use the Apache Software Foundation framework, which includes business process automation apps and other enterprise-friendly functions, you should upgrade to OFBiz version 18.12.11 immediately to patch both this and a second, equally serious hole.

Hackers target Apache RocketMQ servers vulnerable to RCE attacks
2024-01-05 17:32

Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. Apache released a fix that was incomplete for the NameServer component in RocketMQ and continued to affect versions 5.1 and older of the distributed messaging and streaming platform.

Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers
2023-12-28 16:20

A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits. Online URL. The researchers further said those scanning vulnerable servers are particularly interested in finding vulnerable Confluence servers.

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
2023-12-27 15:39

A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections. The...

Four in five Apache Struts 2 downloads are for versions featuring critical flaw
2023-12-21 14:13

Security vendor Sonatype believes developers are failing to address the critical remote code execution vulnerability in the Apache Struts 2 framework, based on recent downloads of the code. It is a logic bug in the framework's file upload feature: if an application uses Struts 2 to allow users to upload files to a server, those folks can abuse the vulnerability to save documents where they shouldn't be allowed to on that remote machine.

Week in review: Apache Struts vulnerability exploit attempt, EOL Sophos firewalls get hotfix
2023-12-17 09:00

EOL Sophos firewalls get hotfix for old but still exploited vulnerabilityOver a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. Attackers are trying to exploit Apache Struts vulnerabilityAttackers are trying to leverage public proof-of-exploit exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2.

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)
2023-12-14 10:21

Attackers are trying to leverage public proof-of-exploit exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. "Attackers aim to deploy webshells, with some cases targeting the parameter 'fileFileName' - a deviation from the original exploit PoC," Akamai's Security Intelligence Group flagged on Wednesday.