The Hacker News
FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network
February 1^st 2024 at 15:44

FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network

By Newsroom

The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network. "The vulnerability is exploited in a brute-force manner that attempts to target as many vulnerable Java applications as possible," web infrastructure and security

Related tags
February 1^st 2024 at 15:44

The Hacker News
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
January 11^th 2024 at 14:16

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

By Newsroom

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (CVE-

Related tags
January 11^th 2024 at 14:16

The Hacker News
Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver
December 9^th 2022 at 11:25

Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver

By Ravie Lakshmanan

The subgroup of an Iranian nation-state group known as Nemesis Kitten has been attributed as behind a previously undocumented custom malware dubbed Drokbk that uses GitHub as a dead drop resolver to exfiltrate data from an infected computer, or to receive commands. "The use of GitHub as a virtual dead drop helps the malware blend in," Secureworks principal researcher Rafe Pilling said. "All the

Related tags
December 9^th 2022 at 11:25

The Hacker News
Iranian Hackers Compromised a U.S. Federal Agency’s Network Using Log4Shell Exploit
November 17^th 2022 at 06:22

Iranian Hackers Compromised a U.S. Federal Agency’s Network Using Log4Shell Exploit

By Ravie Lakshmanan

Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server. The details, which were shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), come in response to incident response efforts undertaken by the authority from mid-June through mid-July 2022

Related tags
November 17^th 2022 at 06:22

The Hacker News
Hackers Started Exploiting Critical "Text4Shell" Apache Commons Text Vulnerability
October 21^st 2022 at 11:03

Hackers Started Exploiting Critical "Text4Shell" Apache Commons Text Vulnerability

By Ravie Lakshmanan

WordPress security company Wordfence on Thursday said it started detecting exploitation attempts targeting the newly disclosed flaw in Apache Commons Text on October 18, 2022. The vulnerability, tracked as CVE-2022-42889 aka Text4Shell, has been assigned a severity ranking of 9.8 out of a possible 10.0 on the CVSS scale and affects versions 1.5 through 1.9 of the library. It's also similar to

Related tags
October 21^st 2022 at 11:03

Naked Security
Dangerous hole in Apache Commons Text – like Log4Shell all over again
October 18^th 2022 at 17:26

Dangerous hole in Apache Commons Text – like Log4Shell all over again

By Paul Ducklin

Third time unlucky. Time to put your patching boots on again...

act-1200

Related tags
October 18^th 2022 at 17:26

The Hacker News
LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload
August 2^nd 2022 at 08:07

LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload

By Ravie Lakshmanan

A threat actor associated with the LockBit 3.0 ransomware-as-a-service (RaaS) operation has been observed abusing the Windows Defender command-line tool to decrypt and load Cobalt Strike payloads. According to a report published by SentinelOne last week, the incident occurred after obtaining initial access via the Log4Shell vulnerability against an unpatched VMware Horizon Server. "Once initial

Related tags
August 2^nd 2022 at 08:07

Naked Security
8 months on, US says Log4Shell will be around for “a decade or longer”
July 18^th 2022 at 16:57

8 months on, US says Log4Shell will be around for “a decade or longer”

By Paul Ducklin

When it comes to cybersecurity, ask not what everyone else can do for you...

Related tags
July 18^th 2022 at 16:57

The Hacker News
Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data
June 24^th 2022 at 03:36

Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data

By Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of threat actors to exploit the Log4Shell flaw in VMware Horizon servers to breach target networks. "Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched,