Beating the Challenge of Cloud Detection and Response with Qualys TotalCloud Deep Learning AI

Lets go beyond the limitations of configuration management-only, non-cloud-native EDR tools for threat detection & response using deep learning AI. The global adoption of cloud technology has supercharged agile innovation in virtually every business sector. As a result, organizations are now...

Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining

Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year...

Cryptojacking: Understanding and defending against cloud compute resource abuse

In cloud environments, cryptojacking – a type of cyberattack that uses computing power to mine cryptocurrency – takes the form of cloud compute resource abuse, which involves a threat actor compromising legitimate tenants. Cloud compute resource abuse could result in financial loss to targeted...

Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining

A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique,"...

Silentbob Campaign: Cloud-Native Environments Under Attack

Cybersecurity researchers have unearthed an attack infrastructure that's being used as part of a "potentially massive campaign" against cloud-native environments. "This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to...

Security Bulletin: Vulnerability in Spring Framework affects IBM Process Mining [CVE-2016-1000027]

Summary There is a vulnerability in Spring Framework that could allow a remote attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. CVE-2016-1000027 Vulnerability Details...

[M] Mining rewards are not distributed to users

Lines of code Vulnerability details Impact Expected mining rewards in distributeRewards are not distributed due to a revert in purchaseOtherEarnings. Proof of Concept A missing mintVault implementation in transferFrom will inevitably cause a revert in purchaseOtherEarnings. This means expected...

Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data

A previously undocumented Windows-based information stealer called ThirdEye has been discovered in the wild with capabilities to harvest sensitive data from infected hosts. Fortinet FortiGuard Labs, which made the discovery, said it found the malware in an executable that masqueraded as a PDF fil...

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Process Mining . Multiple CVEs

Summary There is a vulnerability in Apache Tomcat that could allow a remote attacker to bypass security restrictions and obtain sensitive information, The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

Security Bulletin: Vulnerability in Spring Framework affects IBM Process Mining . CVE-2023-20873

Summary There is a vulnerability in Spring Boot that could allow a remote attacker to bypass security restrictions on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-20873...

Security Bulletin: Vulnerability in Spring Security affects IBM Process Mining . CVE-2023-20862

Summary There is a vulnerability in Spring Security that could allow a remote attacker to bypass security restrictions and remain authenticated after logout is performed. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability...

Security Bulletin: Vulnerability in Spring Framework affects IBM Process Mining . CVE-2023-20863

Summary There is a vulnerability in Spring Framework that could allow a remote authenticated attacker to execute a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

Security Bulletin: Vulnerability in Spring Security affects IBM Process Mining . CVE-2022-22978

Summary There is a vulnerability in Spring Security that could allow an remote attacker to bypass security restrictions and obtain access to the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

Attacks, Vulnerabilities and Actors 19 June to 25 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of twelve attacks executed, taking advantage of seventeen different vulnerabilities ...

Security Bulletin: Vulnerability in Spring Security affects IBM Process Mining . CVE-2021-22119

Summary There is a vulnerability in Spring Security that could allow a remote attacker to execute a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2021-2211...

Security Bulletin: Vulnerability in netplex json-smart affects IBM Process Mining . CVE-2023-1370

Summary There is a vulnerability in netplex json-smart that could allow a remote attacker to execute a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

Security Bulletin: Vulnerability in Spring Security affects IBM Process Mining . Multiple CVEs

Summary There is a vulnerability in Spring Security that could allow a local authenticated attacker launch further attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

Security Bulletin: Vulnerability in Spring Boot affects IBM Process Mining . CVE-2023-20883

Summary There is a vulnerability in Spring Boot that could allow a remote attacker to execute a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-20883...

Security Bulletin: Vulnerability in Pallets Flask affects IBM Process Mining . CVE-2023-30861

Summary There is a vulnerability in Pallets Flask that could allow a remote attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-30861...

New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices

Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...