All posts tagged "Apache"

• 

  4.5K

  Vulnerabilities

  New Critical RCE Vulnerability Discovered in Apache Struts 2 – Patch Now

  Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could...

• 

  2.8K

  Data Breach

  HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

  Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service...

• 

  442

  Vulnerabilities

  Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

  Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to...

• 

  4.9K

  Vulnerabilities

  Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks

  The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could...

• 

  655

  Vulnerabilities

  Hackers Started Exploiting Critical “Text4Shell” Apache Commons Text Vulnerability

  WordPress security company Wordfence on Thursday said it started detecting exploitation attempts targeting the newly disclosed flaw in Apache Commons Text on...

• Vulnerabilities

  High-Severity RCE Security Bug Reported in Apache Cassandra Database Software

  Researchers have revealed details of a now-patched high-severity security vulnerability in Apache Cassandra that, if left unaddressed, could be abused to gain...

• 

  760

  Vulnerabilities

  New Apache Log4j Update Released to Patch Newly Discovered Vulnerability

  The Apache Software Foundation (ASF) on Tuesday rolled out fresh patches to contain an arbitrary code execution flaw in Log4j that could...

• 

  4.8K

  Data Security

  Hackers actively exploiting 0-day in Ubiquitous Apache Log4j tool

  Apache has released Log4j version 2.15.0 to address the critical RCE vulnerability and users are urged to apply the update immediately. The...

• 

  3.7K

  Information Gathering

  ACT Platform – Collection And Exchange Of Threat Intelligence Information

    Semi-Automated Cyber Threat Intelligence (ACT) is a research project led by mnemonic as with contributions from the University of Oslo, NTNU,...

• 

  315

  Vulnerabilities

  Critical vulnerability in Apache allows privilege escalation to root

  According to the experts from the International Institute of Cyber Security (IICS), the best ethical hacking institute, critical privilege escalation vulnerability in...

• 

  259

  Incidents

  OVER 100 MILLION RECORDS OF BRAZILIAN TAXPAYERS BREACHED

  The cause seems to be a poorly configured server During the first quarter of 2018, experts from a cybersecurity and digital forensics...

• 

  213

  Data Security

  Apache Struts & SonicWall’s GMS exploits key targets of Mirai & Gafgyt IoT malware

  Security researchers at Palo Alto Networks’ Unit 42 have discovered modified versions of the notorious Mirai and Gafgyt Internet of Things (IoT)...

• 

  223

  Data Security

  IBM fixes flaw that let hackers replace its serverless code with their own

  This is the first publicly-disclosed vulnerability in a serverless platform. Experts at IBM (The International Business Machines Corporation) have patched a critical...

• 

  308

  Information Gathering

  How to Find Geolocation of Devices with High Accuracy using Seeker – Kali Linux 2018.2

  Seeker utilizes HTML5, Javascript, JQuery and PHP to grab Device Information and GeoLocation with High Accuracy. Seeker Hosts a fake website on...

• 

  246

  Video Tutorials

  How to Detect Load Balancing (HTTP/DNS) on Websites – Load Balancing Detector and Kali Linux

  In computing, load balancing improves the distribution of workloads across multiple computing resources, such as computers, a computer cluster, network links, central...

• 

  177

  Vulnerabilities

  Apache Solr bug is hit with cryptomining attack

  Hackers hit over 1,400 Apache Solr servers at the end of February to install a cryptocurrency miner. According to information security training researcher Renato...

• 

  261

  Exploitation Tools

  JexBoss – JBoss (and others Java Deserialization Vulnerabilities) verify and Exploitation Tool

  JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc. Requirements Python...

• 

  223

  Vulnerability Analysis

  ROC – Infineon RSA Vulnerability

  This tool is related to ACM CCS 2017 conference paper #124 Return of the Coppersmith’s Attack: Practical Factorization of Widely Used RSA...

• 

  209

  Vulnerabilities

  New Apache Struts Vulnerability Allows Attackers to Take Control Over Web Servers

  Apache Struts is a free and open-source framework used to build Java web applications.This is not the first remote code execution vulnerability...

• 

  258

  Vulnerabilities

  Critical remote code execution vulnerability in Apache

  Security researchers from lgtm.com have discovered a major remote code execution security flaw (CVE-2017-9805) in Apache Struts, which is a well-liked open-source...

• 

  313

  Vulnerabilities

  Apache Struts2 Remote Code Execution Vulnerability S2-046

  Apache Struts is a free and open-source framework used to build Java web applications.This is not the first remote code execution vulnerability...