Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw Oct 02, 2024The Hacker NewsEmail Security / Vulnerability Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, Read more…
Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks The distributed denial-of-service (DDoS) botnet known as Muhstik has been observed leveraging a now-patched security flaw impacting Apache RocketMQ to co-opt susceptible servers and expand its scale. “Muhstik is a well-known threat targeting IoT devices and Linux-based servers, notorious for Read more…
RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the Read more…
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks. “Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware,” the company said in Read more…
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts on susceptible websites. The findings come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3) has been leveraged to set up bogus Read more…
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in Microsoft Office to deliver Cobalt Strike on compromised systems. The attack chain, which took place at the end of 2023 according to Deep Instinct, Read more…
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. Read more…
MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024. The intrusion led to the compromise of its Networked Experimentation, Research, and Virtualization Read more…
TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless. “TheMoon, which emerged in 2014, has been operating quietly while growing to over Read more…
Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends. Read more…