Security News

New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
2025-01-30 06:41

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of...

New Aquabotv3 botnet malware targets Mitel command injection flaw
2025-01-30 00:55

A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]

Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet
2025-01-29 15:32

And now you won't stop calling me, I'm kinda busy A new variant of the Mirai-based malware Aquabot is actively exploiting a vulnerability in Mitel phones to build a remote-controlled botnet,...

Mitel 0-day, 5-year-old Oracle RCE bug under active exploit
2025-01-08 20:30

3 CVEs added to CISA's catalog Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw – and a critical remote code execution vulnerability in...

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers
2025-01-08 12:12

CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The Mitel MiCollab...

CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
2025-01-08 04:21

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV)...

CISA warns of critical Oracle, Mitel flaws exploited in attacks
2025-01-07 18:45

CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. [...]

PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files
2024-12-06 06:01

Still unpatched 100+ days later, watchTowr says A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers...

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access
2024-12-05 14:56

Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day,...

Mitel MiCollab zero-day and PoC exploit unveiled
2024-12-05 14:24

A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald has disclosed, and...