Information Security, Internet and Security Intelligence

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

Security Affairs

MARCH 10, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added the the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. In June, the U.S. In February, a coordinated spike in global exploitation suggested increased automated scanning for vulnerable systems. ” concludes GreyNoise.

DDOS

DDOS Security Intelligence Malware Hacking

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

DECEMBER 26, 2024

In November 2024, the Akamai Security Intelligence Research Team (SIRT) observed increased activity targeting the URI /cgi-bin/cgi_main.cgi , linked to a Mirai-based malware campaign exploiting an unassigned RCE vulnerability in DVR devices, including DigiEver DS-2105 Pro. ” reads the analysis published by Akamai.

Manufacturing

Manufacturing Malware Firmware IoT

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Security Affairs

JANUARY 11, 2022

In early January, threat actors started targeting VMware Horizon systems exposed on the Internet. On Monday, Microsoft posted a warning about a new campaign from a China-based actor it tracks as DEV-0401 to exploit the Log4Shell vulnerability on VMware Horizon systems exposed on the internet, and deploy Night Sky ransomware.

Ransomware

Ransomware Hacking Internet Internet

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

I think there are four main trends that will play out in the field of information security in the next 20 years. The best example of the need for this is national level security intelligence, reconnaisance, and vulnerability assessment. Image from information-age.com. Know how to get data in and out of APIs.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. pic.twitter.com/mGow2sJupN — Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021. ” reads the report published by the experts. crimson extension.

Ransomware

Ransomware Malware Encryption Security Intelligence

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The malware was designed to targets Internet of Things (IoT) devices and Linux servers for cryptomining and DDoS purposes. ” reported Akamai.

Malware

Malware DDOS Internet Internet

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) and earlier.

Firmware

Firmware Wireless DDOS IoT

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Security Affairs

JANUARY 26, 2022

VMware released security patches to address critical Log4j security vulnerabilities in VMware Horizon servers targeted in ongoing attacks. VMware urges customers to patch critical Log4j security vulnerabilities impacting Internet-exposed VMware Horizon servers targeted in ongoing attacks. to add a shell.

Internet

Internet Internet Ransomware Hacking

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN

VPN Accountability Social Engineering Media

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022.

DDOS

DDOS Wireless Security Intelligence Malware

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

As with kube-apiserver, organizations might accidentally leave etcd exposed to the Internet. This investigation uncovered 2,284 etcd servers that malicious actors could access through the Internet. How to secure it. For information on how to secure that part of a Kubernetes cluster, click here.

Advertising

Advertising Internet Internet VPN

10 Reasons to Trust Your Enterprise APIs

Cisco Security

AUGUST 30, 2021

According to the latest Cisco Annual Internet report , there will be 29.3 This massive explosion in device growth will increase reliance on APIs which brings increased security risk. See your logging documentation for more detailed information on how to log a given format. billion networked devices by 2023. Maps to API10.

Software

Software Authentication Risk Encryption

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

The security firms have collected more than 125,000 TrickBot malware samples and mapped the command and control infrastructure. The TrickBot botnet was considered by security experts one of the biggest botnets. The information gathered by the security firm was used by Microsoft to receive a warrant to takedown the TrickBot servers.

Malware

Malware Banking Advertising Financial Services

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices. Confirm that Microsoft Defender Antivirus is updated to security intelligence update 1.371.503.0

Surveillance

Surveillance Malware Authentication Accountability

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Security Affairs

JUNE 16, 2019

The popular expert Larry Cashdollar, from Akamai’s Security Intelligence Response Team (SIRT), spotted a new version of the Echobot botnet that counts 26 different exploits. The Echobot botnet was first detected by experts at PaloAlto Networks early this month, the botnet is based on the dreaded Mirai botnet.

IoT

IoT Advertising Malware Wireless

The number of exploits in the Echobot botnet reached 59

Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits.

Wireless

Wireless IoT Advertising Surveillance

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019. “These attacks were likely initiated as port scans for machines with vulnerable internet-facing RDP services. Locate and patch exposed RDP services now.

Malware

Malware Penetration Testing Advertising Spyware

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

The contemporary world has witnessed the rise of the Internet and global communication, and collaboration technologies, including mobile data use and the culture of bring your own device [BYOD]. Cloud security success and choosing the right investments is all about having a clear understanding of threat types and their resulting damages.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Cyber Security Informer

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Trending Sources

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

STRRAT RAT spreads masquerading as ransomware

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Updated Kmsdx botnet targets IoT devices

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Iran-linked APT groups continue to evolve

New InfectedSlurs Mirai-based botnet exploits two zero-days

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

10 Reasons to Trust Your Enterprise APIs

Microsoft partnered with other security firms to takedown TrickBot botnet

European firm DSIRF behind the attacks with Subzero surveillance malware

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

The number of exploits in the Echobot botnet reached 59

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Cyber Security Awareness and Risk Management

Stay Connected