Security News

High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
2023-09-22 08:00

Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code...

China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
2023-09-21 09:39

China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions...

MGM casino's ESXi servers allegedly encrypted in ransomware attack
2023-09-14 22:52

An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems. In a statement today, the BlackCat ransomware group claims that they had infiltrated MGM's infrastructure since Friday and encrypted more than 100 ESXi hypervisors after the company took down the internal infrastructure.

MGM Resorts ESXi servers allegedly encrypted in ransomware attack
2023-09-14 22:52

An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems. In a statement today, the BlackCat ransomware group claims that they had infiltrated MGM's infrastructure since Friday and encrypted more than 100 ESXi hypervisors after the company took down the internal infrastructure.

Protecting Your Microsoft IIS Servers Against Malware Attacks
2023-09-08 11:27

Recently, a slew of activity by the advanced persistent threat group Lazarus has focused on finding vulnerable Microsoft IIS servers and infecting them with malware or using them to distribute malicious code. This article describes the details of the malware attacks and offers actionable suggestions for protecting Microsoft IIS servers against them.

Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
2023-09-07 11:02

Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems. Outside of these weaknesses, the latest version of Superset also remediates a separate improper REST API permission issue that allows for low-privilege users to carry out server-side request forgery attacks.

Cybercriminals target MS SQL servers to deliver ransomware
2023-09-06 12:53

A cyberattack campaign is targeting exposed Microsoft SQL databases, aiming to deliver ransomware and Cobalt Strike payloads. The attackers target exposed MS SQL servers by brute-forcing access credentials.

Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
2023-09-04 14:13

An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance.

Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware
2023-09-01 15:41

Threat actors are exploiting poorly secured Microsoft SQL servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. "The ransomware payload of choice appears to be a newer variant of Mimic ransomware called FreeWorld."

DreamBus malware exploits RocketMQ flaw to infect servers
2023-08-29 19:17

A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers to infect devices. The recent DreamBus attacks leveraging that flaw were spotted by researchers at the Juniper Threat Labs, who reported a spike in the activity in mid-June 2023.