Lucene search
+L

14 matches found

The Hacker News
The Hacker News
added 2024/07/11 5:19 a.m.65 views

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service DDoS botnets. The vulnerability in question is CVE-2024-4577 CVSS score: 9.8, which allows an attacker to...

9.8CVSS9.7AI score0.99987EPSS
Exploits64
hivepro
hivepro
added 2024/06/10 2:29 p.m.12 views

Muhstik Botnet Exploits Apache RocketMQ Flaw in Latest Operations

...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/06 1:14 p.m.31 views

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Muhstik botnet exploits a critical Apache RocketMQ flaw CVE-2023-33246 for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining. Infection involves executing a shell script from a remote IP, downloading the Muhstik malware binary "pty3", and...

9.8CVSS8.3AI score0.96604EPSS
Exploits11
The Hacker News
The Hacker News
added 2022/12/02 11:9 a.m.61 views

Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers

A previously undocumented Go-based malware is targeting Redis servers with the goal of taking control of the infected systems and likely building a botnet network. The attacks involve taking advantage of a critical security vulnerability in the open source, in-memory, key-value store that was...

10CVSS2AI score0.9967EPSS
Exploits10
hivepro
hivepro
added 2022/03/29 12:17 p.m.165 views

Muhstik botnet adds another vulnerability exploit to its arsenal

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Muhstik malware has begun attacking Redis Servers by exploiting a recently reported vulnerability, CVE-2022-0543. This flaw can be found in several Redis Debian packages. The attack began on March 11, 2022, and was carried out...

10CVSS0.7AI score0.99993EPSS
Exploits91
The Hacker News
The Hacker News
added 2022/03/28 6:59 a.m.317 views

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data...

10CVSS1.9AI score0.99999EPSS
Exploits526
ATTACKERKB
ATTACKERKB
added 2022/02/18 12:0 a.m.109 views

CVE-2022-0543

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a Debian-specific Lua sandbox escape, which could result in remote code execution. Recent assessments: NinjaOperator at March 25, 2022 8:04pm UTC reported: Muhstik Gang has been seen exploiting...

10CVSS9.7AI score0.9967EPSS
In wildExploits10References7
ThreatPost
ThreatPost
added 2020/01/22 1:1 p.m.96 views

New Muhstik Botnet Attacks Target Tomato Routers

A new variant of the Muhstik botnet has appeared, this time with scanner technology that for the first time can brute-force web authentication to attack routers using Tomato open-source firmware, researchers have found. Researchers at Palo Alto Networks’ Unit 42 discovered the new variant...

0.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/05/06 8:4 p.m.1252 views

Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig

Malicious activity exploiting the recently disclosed Oracle WebLogic critical deserialization vulnerability CVE-2019-2725 is surging. Even though there’s a patch, tens of thousands of vulnerable machines represent an irresistible target for hackers, according to Unit 42 researchers at Palo Alto...

7.5CVSS0.99993EPSS
Exploits74References5
ThreatPost
ThreatPost
added 2019/05/01 2:11 p.m.491 views

Muhstik Botnet Variant Targets Just-Patched Oracle WebLogic Flaw

UPDATE A variant of the Muhstik botnet has been uncovered in the wild, exploiting a recently-disclosed, dangerous vulnerability in Oracle WebLogic servers. The newfound samples of Muhstik are targeting the recently-patched CVE-2019-2725 in WebLogic servers, and then launching...

9CVSS9.2AI score0.99993EPSS
Exploits104References8
ThreatPost
ThreatPost
added 2018/06/05 6:24 p.m.68 views

Drupalgeddon 2.0 Still Haunting 115K+ Sites

More than 115,000 sites are still vulnerable to a highly critical Drupal bug – even though a patch was released three months ago. When it was first revealed, the bug, which has been dubbed Drupalgeddon 2.0, impacted an estimated 1+ million sites running Drupal – including major U.S. educational...

7.5CVSS0.99993EPSS
Exploits46References11
The Hacker News
The Hacker News
added 2018/05/10 2:38 p.m.5 views

5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws

Well, that did not take long. Within just 10 days of the disclosure of two critical vulnerabilities in GPON router at least 5 botnet families have been found exploiting the flaws to build an army of million devices. Security researchers from Chinese-based cybersecurity firm Qihoo 360 Netlab have...

9.8CVSS7.1AI score0.99948EPSS
Exploits10
The Hacker News
The Hacker News
added 2018/05/10 2:38 p.m.804 views

5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws

Well, that did not take long. Within just 10 days of the disclosure of two critical vulnerabilities in GPON router at least 5 botnet families have been found exploiting the flaws to build an army of million devices. Security researchers from Chinese-based cybersecurity firm Qihoo 360 Netlab have...

9.8CVSS0.1AI score0.99948EPSS
Exploits10
ThreatPost
ThreatPost
added 2018/04/23 10:13 p.m.10910 views

Muhstik Botnet Exploits Highly Critical Drupal Bug

Researchers are warning a recently discovered and highly critical vulnerability found in Drupal’s CMS platform is now being actively exploited by hackers who are using it to install cryptocurrency miners and to launch DDoS attacks via compromised systems. At the time of the disclosure, last month...

7.5CVSS0.4AI score0.99993EPSS
Exploits91References6
Rows per page
Query Builder