Calendar Week 30

Major Vulnerabilities in Ubuntu’s OverlayFS Threaten Server Security

Two critical vulnerabilities in Ubuntu’s OverlayFS module are endangering numerous server systems. Administrators are advised to promptly update the kernel modules. Security researchers from Wiz have discovered two easily exploitable vulnerabilities in a module of the Linux distribution Ubuntu, which facilitates the use of the OverlayFS filesystem. According to a blog post they published yesterday, …

Critical Security Flaw in OpenSSH Patched: Remote Command Execution Risk Averted

A recently identified and now rectified vulnerability in OpenSSH had raised concerns due to its potential for remote exploitation under certain conditions. Saeed Abbasi, a leading expert in vulnerability research at Qualys, highlighted in a recent analysis that this flaw could have allowed attackers to execute arbitrary commands on systems with vulnerable versions of OpenSSH’s …

Critical Security Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Hacking Threats

Two recently discovered security flaws in the AMI MegaRAC Baseboard Management Controller (BMC) software present critical risks. These vulnerabilities, if exploited, enable remote attackers to gain control over vulnerable servers and deploy malware. The severity of these flaws ranges from high to critical, including unauthenticated remote code execution and unauthorized access with superuser privileges. Attackers …

Global Security Alert: Over 15,000 Citrix Servers Vulnerable to Exploitation Despite Available Patches

Despite the availability of patches, approximately 15,000 Citrix servers accessible over the internet remain unprotected against known security vulnerabilities. Citrix warned about three actively exploited weaknesses in its Netscaler ADC and Netscaler Gateway products last week. One of these, CVE-2023-3519, rated critical with a CVSS score of 9.8, allows attackers to execute malicious code (RCE) …

Key Compromise Exposes Major Security Flaw in Microsoft Azure: Global Applications at Risk

The recent security breach involving Microsoft’s email infrastructure was carried out by a Chinese nation-state actor known as Storm-0558. This attack has been revealed to have a broader impact than initially thought. According to Wiz, a cloud security company, the adversaries utilized an inactive Microsoft account (MSA) consumer signing key to forge Azure Active Directory …

FIN8 Cyber Group Escalates Threats with Advanced BlackCat Ransomware via Sardonic Backdoor

The cybercrime group FIN8, known for financially motivated attacks, has recently updated its malicious software toolkit. The Symantec Threat Hunter Team reported in December 2022 that FIN8 is now deploying BlackCat ransomware through an upgraded version of their Sardonic backdoor. Analysis of the Sardonic Variant: Experts have found that FIN8 continuously enhances their malware and …

P2PInfect Worm: The Rising Cyber Threat to Redis Servers on Linux and Windows Systems

A newly identified cybersecurity menace, the P2PInfect worm, has been causing severe disruptions globally. This advanced malware targets Redis servers, exploiting their vulnerabilities and posing significant risks to both Linux and Windows systems. The P2PInfect worm represents a serious threat, exploiting Redis server vulnerabilities across Linux and Windows …

Unveiling the Surge: Global DDoS Threat Landscape Report Q2 2023

A recent report from Cloudflare reveals that sophisticated Distributed Denial of Service (DDoS) attacks worldwide surged to 5.4 trillion in the second quarter of 2023, marking a 15% uptick from the first quarter. Despite many of these attacks being of short duration, the recovery process proved to be prolonged, significantly impacting daily business operations. Key …

Rising Threat: Mallox Ransomware Surges by 174% in 2023, Unveiling Evolving Tactics and Recruitment Drive Amidst Broader Ransomware Surge

According to a recent report from Palo Alto Networks Unit 42, Mallox ransomware activities in 2023 have surged by 174%, showcasing a significant increase from the previous year. Mallox, adopting the double extortion trend common among ransomware threat actors, steals data before encrypting an organization’s files and then threatens to publish the stolen data on …

Charter Oak Federal Credit Union Faces Cybersecurity Challenge: Online Services Temporarily Disrupted

Charter Oak Federal Credit Union officials reported that an unidentifiable group of cybercriminals instigated a computer system shutdown, rendering members unable to access their accounts on the financial institution’s website since Friday afternoon. Brian Orenstein, the President and CEO of the Waterford-based credit union, revealed on Monday that Charter Oak is uncertain about the timeline …
