Tag: Shodan

Attackers Abuse PaperCut RCE Flaws to Take Over Enterprise Print Servers

Cyber SecurityApril 25, 2023

Security researchers have revealed new details about how attackers are exploiting two flaws in the PaperCut enterprise print management system — used by more...

Russian Fancy Bear APT Exploited Unpatched Cisco Routers to Hack US, EU Gov’t Agencies

Cyber SecurityApril 19, 2023

As recently as 2021, the notorious Russian APT28 was exploiting network routers running outdated versions of Cisco's IOS and IOS XE operating system software,...

Automatic Updates Deliver Malicious 3CX ‘Upgrades’ to Enterprises

Cyber SecurityMarch 30, 2023

Security researchers are sounding the alarm on what may well be another major SolarWinds or Kaseya-like supply chain attack, this time involving Windows and...

CISA: ZK Java Framework RCE Flaw Under Active Exploit

Cyber SecurityMarch 1, 2023

A high-severity authentication bypass vulnerability in a widely used open source Java framework is under active exploit by threat actors, who are using the...

Massive GoAnywhere RCE Exploit: Everything You Need to Know

Cyber SecurityFebruary 17, 2023

Last week, the Cybersecurity and Infrastructure Security Agency (CISA) added three new entries to its Known Exploited Vulnerabilities catalog. Among them was CVE-2023-0669, a...

Scores of Redis Servers Infested by Sophisticated Custom-Built Malware

Cyber SecurityFebruary 3, 2023

An unknown threat actor has been quietly mining Monero cryptocurrency on open source Redis servers around the world for years, using a custom-made malware...

Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code

Cyber SecurityJanuary 31, 2023

Three security vulnerabilities affecting VMware's vRealize Log Insight platform now have public exploit code circulating, offering a map for cybercriminals to follow to weaponize...

TSA No-Fly List Snafu Highlights Risk of Keeping Sensitive Data in Dev Environments

Cyber SecurityJanuary 23, 2023

A recent incident where a bored hacker found a list of 1.5 million individuals on TSA's no-fly list sitting unprotected on an Internet-exposed server...

The Evolution of Account Takeover Attacks: Initial Access Brokers for IoT

Cyber SecurityJanuary 20, 2023

Account takeover attacks are like the widely told campfire story about a babysitter that receives a series of threatening phone calls that are traced...

CISA Informs Organizations of Flaws in Unsupported Industrial Telecontrol Devices

Cyber SecurityMarch 7, 2022

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week released an advisory to inform organizations about potentially serious vulnerabilities affecting ipDIO telecontrol communication devices that are no longer supported by the vendor.

CWP Flaws That Expose Servers to Remote Attacks Possibly Exploited in the Wild

Cyber SecurityJanuary 24, 2022

Researchers discovered that the Control Web Panel (CWP) web hosting panel is affected by two serious vulnerabilities that can allow attackers to remotely hack servers, and it’s possible that they may have already been exploited in the wild.