Tag Archives: exploit

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as well as one for triggering a third flaw (CVE-2024-0801) that can lead to denial of service. About the vulnerabilities (CVE-2024-0799, CVE-2024-0800, CVE-2024-0801) Arcserve UDP is a widely used enterprise backup and disaster recovery solution, as … More ? The post PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) appeared first on Help Net Security .

Read the article:
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-28771 CVE-2023-28771 is a vulnerability that allows unauthenticated attackers to execute OS commands remotely by sending crafted IKE (Internet Key Exchange) packets to an affected device. Fixed by Zyxel in April 2023, it was expected to be quickly exploited by attackers once technical write-ups and … More ? The post Zyxel firewalls under attack by Mirai-like botnet appeared first on Help Net Security .

See the article here:
Zyxel firewalls under attack by Mirai-like botnet

New attack vectors make securing virtual companies even more challenging

As organizations are settling into long-term remote working, new attack vectors for opportunistic cyberattackers—and new challenges for network administrators have been introduced, Nuspire reveals. Now six months into the pandemic, attackers pivoted away from COVID-19 themes, instead utilizing other prominent media themes like the upcoming U.S. election to wreak havoc. Increase in both botnet and exploit activity There was an increase in both botnet and exploit activity over the course of Q2 2020 by 29% … More ? The post New attack vectors make securing virtual companies even more challenging appeared first on Help Net Security .

Continued here:
New attack vectors make securing virtual companies even more challenging

OMG, that’s downright Wicked: Botnet authors twist corpse of Mirai into new threats

Infamous IoT menace lives on in its hellspawn Cybercrooks are using the infamous Mirai IoT botnet as a framework to quickly add in new exploits and functionalities, it has emerged.…

See the original post:
OMG, that’s downright Wicked: Botnet authors twist corpse of Mirai into new threats

IoT botnet bypasses firewalls to get to ZyXEL modems

NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: ZyXEL PK5001Z modems. The DoubleDoor attacks What’s interesting about this particular botnet is that it’s ready to pass an extra layer of security to get to the modem: Juniper Networks’ NetScreen hardware firewall devices. To pull off the attack, it employs exploits for two vulnerabilities: CVE-2015–7755, which … More ?

Visit link:
IoT botnet bypasses firewalls to get to ZyXEL modems

IoT malware targeting zero-day vulnerabilities

Once it became evident that IoT devices can be relatively easily enslaved in botnets and that even their limited power can be used for a variety of nefarious purposes, it was open season for malicious actors. First, they targeted IoT devices with default or weak passwords, and manufacturers and users began changing them. Then they used known vulnerabilities, and IoT vendor increased their efforts to push out patches. Now, some of the botmasters are making … More ?

More here:
IoT malware targeting zero-day vulnerabilities

PyCryptoMiner ropes Linux machines into Monero-mining botnet

A Linux-based botnet that has been flying under the radar has earned its master at least 158 Monero (currently valued around $63,000). The malware The botnet is based on a crypto-miner written in the Python scripting language, a fact that serves to keep its existence on the down-low. “Unlike a binary malware alternative, a scripting language-based malware is more evasive by nature as it can be easily obfuscated. It is also executed by a legitimate … More ?

Read More:
PyCryptoMiner ropes Linux machines into Monero-mining botnet

Yet ANOTHER IE 0-day hole found: Malware-flingers already using it for drive-by badness

You read that right: OPT OUT of a botnet by hitting Ctrl+Alt+Del Security researchers have discovered new zero-day vulnerabilities in Internet Explorer that are already being harnessed by hackers to run a new type of drive-by attack.…

Visit link:
Yet ANOTHER IE 0-day hole found: Malware-flingers already using it for drive-by badness

Malicious JavaScript flips ad network into rentable botnet

Enslaved machines helplessly press Apache’s buttons Black Hat 2012   Security researchers have shown how hackers can use ad networks to create ephemeral, hard-to-trace botnets that can perform distributed-denial-of-service attacks at the click of a button.…

See the original post:
Malicious JavaScript flips ad network into rentable botnet

Report: DDoS attacks now MORE ANGRY, complex and targeted

Less like the Hulk, more like Iron Man The days when attackers relied on sheer bandwidth volume alone to knock out websites are over, with miscreants increasingly using application-layer and multi-vector attacks.…

View post:
Report: DDoS attacks now MORE ANGRY, complex and targeted