Remove 2024 Remove Cybercrime Remove Security Intelligence
article thumbnail

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

Security Affairs

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. The flaw CVE-2024-4577 (CVSS score: 9.8) Over 1,000 attacks detected globally. is a PHP-CGI OS Command Injection Vulnerability.

DDOS 107
article thumbnail

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

In November 2024, the Akamai Security Intelligence Research Team (SIRT) observed increased activity targeting the URI /cgi-bin/cgi_main.cgi , linked to a Mirai-based malware campaign exploiting an unassigned RCE vulnerability in DVR devices, including DigiEver DS-2105 Pro. ” reads the analysis published by Akamai.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Security Roundup June 2025

BH Consulting

The annual report from Europol’s European Cybercrime Centre draws upon thousands of investigations that Europol supported over the past year. billion exposed identities in 2024. Forescout’s VP of security intelligence Rik Ferguson said the figure was probably a conservative estimate. It found nearly 2.45

Scams 59
article thumbnail

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption

Thales Cloud Protection & Licensing

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption andrew.gertz@t Tue, 01/21/2025 - 14:56 Discover how DSPM, AI, and encryption are transforming data security strategies, reducing vulnerabilities, and improving compliance. Today, 137 of 194 countries have enacted data privacy legislation, per Omdia.

article thumbnail

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The flaw CVE-2024-4577 (CVSS score: 9.8) Cybersecurity and Infrastructure Security Agency (CISA) added the the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

Malware 141
article thumbnail

Corona Mirai botnet spreads via AVTECH CCTV zero-day 

Security Affairs

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. This can be executed remotely with elevated privileges (running process owner.)”

Firmware 129
article thumbnail

Top Cybersecurity Websites and Blogs for Compliance in 2024

Centraleyes

To assist compliance professionals in navigating this intricate landscape, we’ve curated a comprehensive list of top cyber security websites and resources for cyber security and compliance in 2024. The post Top Cybersecurity Websites and Blogs for Compliance in 2024 appeared first on Centraleyes.