The Record
Microsoft: Zerobot adds new exploits, DDoS attack capabilities
The newly discovered Zerobot botnet continues to evolve, increasingly targeting connected Internet of Things devices.
SecurityWeek
The Zerobot malware that ensnares IoT devices in a DDoS-capable botnet has been updated with more exploits.
Bleeping Computer
A new Go-based malware named 'Zerobot' has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras.
SecurityWeek
A newly observed Go-based IoT botnet capable of self-replicating and self-propagation has been observed targeting multiple vulnerabilities for initial access.
Trend Micro
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year.
The Hacker News
Researchers have uncovered two separate malicious cryptocurrency mining campaigns; one exploiting Oracle WebLogic servers and Docker APIs.
Trend Micro
Through our honeypots and telemetry, we were able to observe instances in which malicious actors abused native Linux tools to launch attacks on Linux environments. In this blog entry, we discuss how these utilities were used and provide recommendations on how to minimize their impact.
SecurityWeek
IBM has released patches for multiple high-severity vulnerabilities in Netezza for Cloud Pak for Data, Voice Gateway, and SiteProtector system.
Security Affairs
A threat actor, tracked as TAC-040, exploited Atlassian Confluence flaw CVE-2022-26134 to deploy previously undetected Ljl Backdoor. Cybersecurity firm Deepwatch reported that a threat actor, tracked as TAC-040, has likely exploited the CVE-2022-26134 flaw in Atlassian Confluence servers to deploy a previously undetected backdoor dubbed Ljl Backdoor. The attackers exploited the flaw in an attack […]
The Hacker News
Hackers "likely" exploited a vulnerability in Atlassian Confluence server to deploy a never-before-seen backdoor for cyberespionage purposes.
Trend Micro
Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps immediately.
ThreatPost
Daniel Kaar, global director application security engineering at Dynatrace, highlights the newfound respect for AppSec-enabled observability in the wake of Log4Shell.
SecurityWeek
As part of its May 2022 Security Patch Day, SAP has released eight new and four updated security notes, including three that address the recent Spring4Shell vulnerability in more products.
CSO
The network switch vulnerabilities are considered critical and could allow attackers to break network segmentation, exfiltrate data, and escape captive portals.
ZDNet
A new batch of cyberthreats requires shifting away from the best-of-breed, point-product approach to security.
CyberSecurity Dive
Top ransomware operators, including Hive and Conti, are exploiting flawed systems to launch new attacks, researchers warn.
DarkReading
With Web application programming interface (API) traffic growing quickly, the average cloud-focused company sees three times more attacks.
The Hacker News
Cybersecurity researchers warn of LemonDuck cryptocurrency mining botnet targeting Docker and TeamTNT hacker group attacking Kubernetes and clouds.
SecurityWeek
Oracle on Tuesday announced the release of 520 security fixes as part of its April 2022 Critical Patch Update (CPU), including nearly 300 for vulnerabilities that can be exploited remotely without authentication.
Trend Micro
Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by malicious actors to deploy cryptocurrency miners.
ZDNet
Hackers have started to use the Spring4Shell flaw to install Mirai malware on vulnerable systems.
Security Affairs
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. A DDoS attack took down Finnish govt sites as Ukraine’s President addresses MPs SharkBot […]
Security Affairs
Experts warn of a Mirai-based botnet exploiting the recently discovered Spring4Shell vulnerability in attacks in the wild. Trend Micro Threat Research reported that the recently discovered Spring4Shell vulnerability (CVE-2022-22965) is actively exploited by a Mirai-based botnet. Researchers from Chinese cybersecurity firm Qihoo 360 first reported the exploitation of the Spring4Shell by a Mirai-based botnet in early April. […]
The Hacker News
Hackers are exploiting recently disclosed critical Spring4Shell vulnerability to execute the Mirai botnet malware.
Ars Technica
Researchers have been in search of vulnerable real-world apps. The wait continues.
Bleeping Computer
The Mirai malware is now leveraging the Spring4Shell exploit to infect vulnerable web servers and recruit them for DDoS (distributed denial of service) attacks.
SecurityWeek
Trend Micro has confirmed earlier reports that the new Spring4Shell vulnerability has been exploited by the Mirai botnet.
Trend Micro
We discovered active exploitation of a vulnerability in the Spring Framework designated as CVE-2022-22965 that allows malicious actors to download the Mirai botnet malware.
ZDNet
Other severe vulnerabilities have been resolved.
ZDNet
Attempts to exploit the Spring4Shell flaw are ongoing according to a security company.
Bleeping Computer
VMware has warned customers to immediately patch critical vulnerabilities in multiple products that could be used by threat actors to launch remote code execution attacks.
Infosecurity News
New vulnerability exploited most widely in Europe
CSO
More tools to identify vulnerable applications and options to mitigate the risk from Spring4Shell are also now available.
The Record
The Cybersecurity and Infrastructure Security Agency (CISA) added four new vulnerabilities to its catalog of exploited bugs, including the much-discussed “Spring4Shell” remote code execution (RCE) vulnerability.
Bleeping Computer
Roughly one out of six organizations worldwide that are impacted by the Spring4Shell zero-day vulnerability have already been targeted by threat actors, according to statistics from one cybersecurity company.
Bleeping Computer
Microsoft said that it's currently tracking a "low volume of exploit attempts" targeting the critical Spring4Shell (aka SpringShell) remote code execution (RCE) vulnerability across its cloud services.
SecurityWeek
As more information comes to light, defenders have been provided tools and information to help them deal with the Spring4Shell vulnerability.
Security Affairs
The U.S. CISA added the recently disclosed remote code execution (RCE) vulnerability Spring4Shell to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed CVE-2022-22965 (aka Spring4Shell, CVSS score: 9.8) flaw in the Spring Framework, along with three other issues, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) […]
ZDNet
Microsoft urges customers to patch the Spring4Shell Java bug.
The Hacker News
CISA Warns of Active Exploitation of Recently Disclosed Critical Spring4Shell Vulnerability
DarkReading
Internet scan indicates hundreds of thousands of vulnerable installations, while data from the major Java repository suggests millions, firms say.
Security Affairs
VMware released security updates to address the critical remote code execution vulnerability known as Spring4Shell. VMware has published security updates to address the critical remote code execution vulnerability known as Spring4Shell (CVE-2022-22965). According to the virtualization giant, the flaw impacts many of its cloud computing and virtualization products. The Spring4Shell issue was disclosed last week, […]
Bleeping Computer
VMware has published a security advisory for the critical remote code execution vulnerability known as Spring4Shell, which impacts multiple of its cloud computing and virtualization products.
SecurityWeek
Companies have started assessing the impact of the Spring vulnerability dubbed Spring4Shell on their products.
Security Affairs
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church UK […]
Ars Technica
Vulnerability in the Spring Java Framework is important, but it's no Log4Shell.
CyberScoop
Web applications created in the Spring platform could leave users open to remote code execution, CISA and others are warning.
SecurityWeek
The Spring zero-day vulnerability tracked as Spring4Shell and CVE-2022-22965 has been patched, just as several cybersecurity firms have confirmed seeing exploitation attempts.
Naked Security
Whoever came up with the name “Spring4Shell” didn’t help at all… we cut through the Spring Bug confusion
The Record
Earlier this week, experts released details on a remote code execution (RCE) vulnerability affecting the Spring Framework. On Thursday it was tagged as CVE-2022-22965 and given a critical score of 9.8.
Bleeping Computer
Spring released emergency updates to fix the 'Spring4Shell' zero-day remote code execution vulnerability, which leaked prematurely online before a patch was released.
CSO
Users are urged to update both the Spring Framework and Spring Boot tool.
SecurityWeek
The disclosure of several vulnerabilities affecting the Spring Java framework, including one dubbed Spring4Shell, has led to confusion and concerns of a new Log4Shell-like threat.
Security Affairs
An unauthenticated zero-day RCE vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed. Researchers disclosed a zero-day vulnerability, dubbed Spring4Shell, in the Spring Core Java framework called ‘Spring4Shell.’ An unauthenticated, remote attacker could trigger the vulnerability to execute arbitrary code on the target system. The framework is currently maintained by Spring.io […]
The Hacker News
A Chinese security researcher publicly disclosed PoC for the UNPATCHED zero-day remote code execution (RCE) vulnerability in the Java Spring framework
DarkReading
A proof-of-concept exploit allows remote compromises of Spring Web applications.
Bleeping Computer
A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' has been publicly disclosed, allowing unauthenticated remote code execution on applications.
ThreatPost
The so-called 'Spring4Shell' bug has cropped up, so to speak, and could be lurking in literally millions of Java applications.