The Hacker News
N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection
Lazarus Group's evolving cyber tactics target macOS systems by combining elements from multiple malware campaigns for better effectiveness and to avoi
Infosecurity News
Flaw in Apache ActiveMQ Exposes Linux Systems to Kinsing Malware
Identified as CVE-2023-46604, the vulnerability has a CVSS score of 9.8
Bleeping Computer
CISA orders federal agencies to patch Looney Tunables Linux bug
Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions.
DarkReading
Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto
Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise.
Cyber Security News
Hackers Infect Linux Machines with Rootkits via Apache ActiveMQ Vulnerability
Trend Micro researchers recently revealed Apache ActiveMQ vulnerability (CVE-2023-46604) was actively exploited.
The Hacker News
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
The Kinsing threat actors are exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency mi
Bleeping Computer
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
Trend Micro
CVE-2023-46604 (Apache ActiveMQ) Vulnerability Exploited to Infect Systems With Cryptominers and Rootkits
We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.
SecurityWeek
In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit
Noteworthy stories that might have slipped under the radar: top law firm hacked, Chinese bank pays ransom, PyPI conducts first security audit
The Hacker News
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
New PoC exploit for CVE-2023-46604 flaw in Apache ActiveMQ could let attackers stealthily execute malicious code.
Cyber Security News
8 New Metasploit Exploit Modules Released Targeting Critical Vulnerabilities
Metasploit is an open-source penetration testing framework created by Rapid7 that enables security professionals to simulate attacks against computer systems, networks, and applications.
The Hacker News
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
Ransomware groups are actively exploiting critical flaws in Atlassian Confluence & Apache ActiveMQ.
Bleeping Computer
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks
Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day.
Cyber Security News
HelloKitty Ransomware Exploiting Apache ActiveMQ Flaw
The recently disclosed Apache ActiveMQ remote code execution (RCE) flaw, CVE-2023-46604 is being exploited to spread ransomware.
Cyber Security News
Threat and Vulnerability Roundup for the week of October 29th to November 4th
welcome to Cyber Writes' weekly publication - the Threat and Vulnerability Roundup! Get ready to dive into the latest and greatest in cybersecurity, as we bring you the most up-to-date information each week.
Bleeping Computer
The Week in Ransomware - November 3rd 2023 - Hive's Back
Over the past couple of months, ransomware attacks have been escalating as new operations launch, old ones return, and existing operations continue to target the enterprise.
Cyber Security News
3,000+ Apache ActiveMQ Servers Vulnerable to RCE Attacks
Apache ActiveMQ servers exposed to the internet are at risk due to a critical remote code execution (RCE) vulnerability.
The Record
Cyber experts and officials raise alarms about exploits against Citrix and Apache products
The zero-day bugs affecting products from Citrix and Apache have critical severity scores and require immediate attention, experts warned.
DarkReading
Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware
More than 3,000 systems are exposed and vulnerable to attack on the Internet.
Bleeping Computer
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks
A remote code execution (RCE) flaw impacting Apache ActiveMQ has been under active exploitation by threat actors who use HelloKitty ransomware payloads.
SecurityWeek
Critical Apache ActiveMQ Vulnerability Exploited to Deliver Ransomware
A recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 is being exploited to deliver ransomware.
The Hacker News
HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability
Cybersecurity experts uncover a critical flaw in Apache ActiveMQ. Hackers exploit it for ransomware attacks.
Bleeping Computer
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online
Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability.
SecurityWeek
CISA Says 'HiveNightmare' Windows Vulnerability Exploited in Attacks
CISA has added 16 new CVEs to its list of known exploited vulnerabilities, including the Windows vulnerability tracked as HiveNightmare, SeriousSam and CVE-2021–36934.
Security Affairs
CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog
The U.S. CISA has added to the catalog of vulnerabilities another 15 security vulnerabilities actively exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen more flaws to the Known Exploited Vulnerabilities Catalog. The ‘Known Exploited Vulnerabilities Catalog‘ is a list of known vulnerabilities that threat actors have abused in attacks […]
CSO
CISA warns about 15 actively exploited vulnerabilities
The high-severity vulnerabilities that CISA has added to its patch-now list include SeriousSAM privilege escalation and SMB remote code execution.
Bleeping Computer
CISA urges orgs to patch actively exploited Windows SeriousSAM bug
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks.