P2PInfect server botnet spreads using Redis replication feature
Threat actors are actively targeting exposed instances of SSH and Redis Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows…
Category: Bleeping Computer
Hackers exploit BleedingPipe RCE to target Minecraft servers, players
Hackers are actively exploiting a ‘BleedingPipe’ remote code execution vulnerability in Minecraft mods to run malicious commands on servers and clients, allowing them to take…
Microsoft fixes WSUS servers not pushing Windows 11 22H2 updates
Microsoft fixed a known issue impacting WSUS (Windows Server Update Services) servers upgraded to Windows Server 2022, causing them not to push Windows 11 22H2…
Israel’s largest oil refinery website offline after DDoS attack
Website of Israel’s largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group’s cyber systems.…
Android patch gap makes n-days as dangerous as zero-days
Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates…
Microsoft Edge is getting a ‘darker’ dark mode theme
Microsoft has quietly announced an enhancement to the Edge browser’s dark mode, making it even darker. The current dark mode, characterized by its grey tones,…
Israel’s largest oil refinery website offline amid cyber attack claims
Website of Israel’s largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group’s cyber systems.…
Browser developers push back on Google’s “web DRM” WEI API
Google’s plans to introduce the Web Environment Integrity (WEI) API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for…
Linux version of Abyss Locker ransomware targets VMware ESXi servers
The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware’s ESXi virtual machines platform in attacks on the enterprise. As…
Apple rejects new name ‘X’ for Twitter iOS app because… rules
Mr. Musk may have successfully pushed Twitter’s new name and logo, ‘X’, and even made the vanity domain x.com redirect to the social media website, but…
New Submarine malware found on hacked Barracuda ESG appliances
CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances by exploiting a now-patched zero-day bug. A suspected…
The Week in Ransomware – July 28th 2023
With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. This was seen by both the Clop…