November 14, 2023

Major Vulnerabilities in Ubuntu’s OverlayFS Threaten Server Security

Two critical vulnerabilities in Ubuntu’s OverlayFS module are endangering numerous server systems. Administrators are advised to promptly update the kernel modules. Security researchers from Wiz have discovered two easily exploitable vulnerabilities in a module of the Linux distribution Ubuntu, which facilitates the use of the OverlayFS filesystem. According to a blog post they published yesterday, …

Critical Security Flaw in OpenSSH Patched: Remote Command Execution Risk Averted

A recently identified and now rectified vulnerability in OpenSSH had raised concerns due to its potential for remote exploitation under certain conditions. Saeed Abbasi, a leading expert in vulnerability research at Qualys, highlighted in a recent analysis that this flaw could have allowed attackers to execute arbitrary commands on systems with vulnerable versions of OpenSSH’s …

Critical Security Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Hacking Threats

Two recently discovered security flaws in the AMI MegaRAC Baseboard Management Controller (BMC) software present critical risks. These vulnerabilities, if exploited, enable remote attackers to gain control over vulnerable servers and deploy malware. The severity of these flaws ranges from high to critical, including unauthenticated remote code execution and unauthorized access with superuser privileges. Attackers …

Global Security Alert: Over 15,000 Citrix Servers Vulnerable to Exploitation Despite Available Patches

Despite the availability of patches, approximately 15,000 Citrix servers accessible over the internet remain unprotected against known security vulnerabilities. Citrix warned about three actively exploited weaknesses in its Netscaler ADC and Netscaler Gateway products last week. One of these, CVE-2023-3519, rated critical with a CVSS score of 9.8, allows attackers to execute malicious code (RCE) …

Key Compromise Exposes Major Security Flaw in Microsoft Azure: Global Applications at Risk

The recent security breach involving Microsoft’s email infrastructure was carried out by a Chinese nation-state actor known as Storm-0558. This attack has been revealed to have a broader impact than initially thought. According to Wiz, a cloud security company, the adversaries utilized an inactive Microsoft account (MSA) consumer signing key to forge Azure Active Directory …

FIN8 Cyber Group Escalates Threats with Advanced BlackCat Ransomware via Sardonic Backdoor

The cybercrime group FIN8, known for financially motivated attacks, has recently updated its malicious software toolkit. The Symantec Threat Hunter Team reported in December 2022 that FIN8 is now deploying BlackCat ransomware through an upgraded version of their Sardonic backdoor. Analysis of the Sardonic Variant: Experts have found that FIN8 continuously enhances their malware and …

P2PInfect Worm: The Rising Cyber Threat to Redis Servers on Linux and Windows Systems

A newly identified cybersecurity menace, the P2PInfect worm, has been causing severe disruptions globally. This advanced malware targets Redis servers, exploiting their vulnerabilities and posing significant risks to both Linux and Windows systems. The P2PInfect worm represents a serious threat, exploiting Redis server vulnerabilities across Linux and Windows …
