Security News
The latest Windows Server 2022 patch has broken the Chrome browser, and short of uninstalling the update, a registry hack is the only way to restore service for affected users. KB5034129 is a security update for Windows Server 2022 and was released on January 9, 2024.
A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. By using the computing resources of others' servers to mine cryptocurrency, the cybercriminals can profit at the expense of the compromised organizations, whose CPU and GPU performance is degraded by the mining.
A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. “The capabilities of the new botnet, NoaBot, include a...
Hackers are brute-forcing exposed MS SQL database servers to deliver Mimic ransomware, Securonix researchers are warning. Mimic ransomware was first spotted in the wild in June 2022 and analyzed by Trend Micro researchers in January 2023.
A group of financially motivated Turkish hackers targets Microsoft SQL servers worldwide to encrypt the victims' files with Mimic ransomware. "The timeline for the events was about one month from initial access to the deployment of MIMIC ransomware on the victim domain."
Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain...
Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. Apache released a fix that was incomplete for the NameServer component in RocketMQ and continued to affect versions 5.1 and older of the distributed messaging and streaming platform.
Almost 11 million internet-exposed SSH servers are vulnerable to the Terrapin attack that threatens the integrity of some SSH connections. The Terrapin attack targets the SSH protocol, affecting both clients and servers, and was developed by academic researchers from Ruhr University Bochum in Germany.
A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits. Online URL. The researchers further said those scanning vulnerable servers are particularly interested in finding vulnerable Confluence servers.
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a...