Hacking Apache Tomcat servers with HTTP headers
An open-source version of the Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies is known as Apache Tomcat. This implementation was built…
Month: June 2023
New DDoS Botnet ‘Condi’ Targets Vulnerable TP-Link AX21 Routers
Condi is the second DDoS botnet to exploit CVE-2023-1389, with the Mirai botnet targeting it in April 2023. FortiGuard Labs researchers have discovered new samples…
Exploit released for Cisco AnyConnect bug giving SYSTEM privileges
Proof-of-concept exploit code is now available for a high-severity flaw in Cisco Secure Client Software for Windows (formerly AnyConnect Secure Mobility Client) that can let…
iOttie discloses data breach after site hacked to steal credit cards
Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online shoppers’ credit cards and personal…
APT37 hackers deploy new FadeStealer eavesdropping malware
The North Korean APT37 hacking group uses a new ‘FadeStealer’ information-stealing malware containing a ‘wiretapping’ feature, allowing the threat actor to snoop and record from…
5 Benefits Of SIEM To The Cybersecurity Of Any Business
By Aaron Haynes, a Columnist at Loganix.com Cybersecurity is a top priority for many businesses today because of the significant threats they face from hackers…
Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’
Apple has rolled out a major security-themed iOS update to fix remote code execution vulnerabilities that have already been exploited in the wild. The patches…
APT28 hacked Roundcube email servers of Ukrainian entitiesSecurity Affairs
Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. A joint investigation conducted by Ukraine’s Computer Emergency Response Team (CERT-UA) and…
Researcher Identifies Popular Swing VPN Android App as DDoS Botnet
The Swing VPN app, which is available on the official Google Play Store under the name Swing VPN – Fast VPN Proxy, has more than…
Apple fixes zero-days used to deploy Triangulation spyware via iMessage
Apple addressed three new zero-day vulnerabilities exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits. “Apple is aware of a report that…
Why Malware Crypting Services Deserve More Scrutiny – Krebs on Security
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or…
UPS discloses data breach after exposed customer info used in SMS phishing
Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its online package look-up tools and…