attacks – OWASP Jakarta

Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions

Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection.The result? A 10.3% surge in encrypted attacks over the past Read more…

By adminowasp, 6 months ago

News

Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks

Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with Read more…

By adminowasp, 6 months ago

News

Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them

Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate Read more…

By adminowasp, 6 months ago

News

FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks

FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN. “These botnets are frequently spread through Read more…

By adminowasp, 6 months ago

News

Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks

Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. “These vulnerabilities affect both the Reyee platform, as well as Read more…

By adminowasp, 6 months ago

News

Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks

Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution (RCE) under certain conditions. The vulnerability, tracked as CVE-2024-56337, has been described as an Read more…

By adminowasp, 6 months ago

News

Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks

Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity under the name FLUX#CONSOLE, said it likely starts Read more…

By adminowasp, 7 months ago

News

CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force

CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks Read more…

By adminowasp, 7 months ago

News

North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. “Phishing emails were sent mainly Read more…

By adminowasp, 7 months ago

News

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with Read more…

By adminowasp, 7 months ago