Lucene search
K

7 matches found

The Hacker News
The Hacker News
added 2024/06/06 1:14 p.m.31 views

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Muhstik botnet exploits a critical Apache RocketMQ flaw CVE-2023-33246 for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining. Infection involves executing a shell script from a remote IP, downloading the Muhstik malware binary "pty3", and...

9.8CVSS8.3AI score0.96604EPSS
Exploits11
The Hacker News
The Hacker News
added 2022/12/02 11:9 a.m.55 views

Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers

A previously undocumented Go-based malware is targeting Redis servers with the goal of taking control of the infected systems and likely building a botnet network. The attacks involve taking advantage of a critical security vulnerability in the open source, in-memory, key-value store that was...

10CVSS2AI score0.9967EPSS
Exploits9
hivepro
hivepro
added 2022/03/29 12:17 p.m.151 views

Muhstik botnet adds another vulnerability exploit to its arsenal

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Muhstik malware has begun attacking Redis Servers by exploiting a recently reported vulnerability, CVE-2022-0543. This flaw can be found in several Redis Debian packages. The attack began on March 11, 2022, and was carried out...

10CVSS0.7AI score0.99993EPSS
Exploits90
The Hacker News
The Hacker News
added 2022/03/28 6:59 a.m.317 views

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data...

10CVSS1.9AI score0.99999EPSS
Exploits522
ThreatPost
ThreatPost
added 2020/01/22 1:1 p.m.96 views

New Muhstik Botnet Attacks Target Tomato Routers

A new variant of the Muhstik botnet has appeared, this time with scanner technology that for the first time can brute-force web authentication to attack routers using Tomato open-source firmware, researchers have found. Researchers at Palo Alto Networks’ Unit 42 discovered the new variant...

0.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2018/06/05 6:24 p.m.68 views

Drupalgeddon 2.0 Still Haunting 115K+ Sites

More than 115,000 sites are still vulnerable to a highly critical Drupal bug – even though a patch was released three months ago. When it was first revealed, the bug, which has been dubbed Drupalgeddon 2.0, impacted an estimated 1+ million sites running Drupal – including major U.S. educational...

7.5CVSS0.99993EPSS
Exploits46References11
The Hacker News
The Hacker News
added 2018/05/10 2:38 p.m.5 views

5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws

Well, that did not take long. Within just 10 days of the disclosure of two critical vulnerabilities in GPON router at least 5 botnet families have been found exploiting the flaws to build an army of million devices. Security researchers from Chinese-based cybersecurity firm Qihoo 360 Netlab have...

9.8CVSS7.1AI score0.9995EPSS
Exploits10
Rows per page
Query Builder