Security News

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities
2023-07-20 15:56

Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "The acquired admin privileges can further be leveraged to exploit another vulnerability allowing attackers to execute arbitrary code on the Apache OpenMeetings server."

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining
2023-05-31 15:44

A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. "The attack script is not saved to the system. The attack scripts are kept in memory only."

Someone is roping Apache NiFi servers into a cryptomining botnet
2023-05-31 13:49

If you're running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on someone else's behalf. "Routers make bad cryptomining servers. Cryptomining may be what they end up doing if the lateral movement doesn't get them anywhere."

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected
2023-05-02 05:35

The U.S. Cybersecurity and Infrastructure Security Agency has added three flaws to the Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. The second flaw to be added to the KEV catalog is CVE-2021-45046, a remote code execution affecting the Apache Log4j2 logging library that came to light in December 2021.

Thousands of Apache Superset servers exposed to RCE attacks
2023-04-26 15:52

Apache Superset is vulnerable to authentication bypass and remote code execution at default configurations, allowing attackers to potentially access and modify data, harvest credentials, and execute commands. Apache Superset is an open-source data visualization and exploration tool initially developed for Airbnb before it became a top-level project at the Apache Software Foundation in 2021.

Common insecure configuration opens Apache Superset servers to compromise
2023-04-26 13:51

An insecure default configuration issue makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3. Administrators in charge of Apache Superset instances should check whether they are among that lot, upgrade them to a fixed version, and check whether attackers might have exploited the weakness to breach them.

Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks
2023-04-26 09:29

The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution. Ai, described the issue as "a dangerous default configuration in Apache Superset that allows an unauth attacker to gain remote code execution, harvest credentials, and compromise data."

Apache Superset: A story of insecure default keys, thousands of vulnerable systems, few paying attention
2023-04-25 22:35

Apache Superset until earlier this year shipped with an insecure default configuration that miscreants could exploit to login and take over the data visualization application, steal data, and execute malicious code. Ai again checked to see how many Superset instances were configuring their app with a public default secret key.

Zerobot malware now shooting for Apache systems
2022-12-22 18:34

The Zerobot botnet, first detected earlier this month, is expanding the types of Internet of Things devices it can compromise by going after Apache systems. The latest upgrade is going after Apache and Apache Spark systems.

Zerobot malware now spreads by exploiting Apache vulnerabilities
2022-12-21 21:10

The Zerobot botnet has been upgraded to infect new devices by exploiting security vulnerabilities affecting Internet-exposed and unpatched Apache servers. Zerobot has been under active development since at least November, with new versions adding new modules and features to expand the botnet's attack vectors and make it easier to infect new devices, including firewalls, routers, and cameras.