#ddos

By Deeba Ahmed Dubbed CherryBlos and FakeTrade by researchers, these two malware campaigns have been identified as potentially related by Trend Micro. This is a post from HackRead.com Read the original post: FakeTrade Android Malware Attack Steals Crypto Wallet Data

By Deeba Ahmed The servers for classic games like Modern Warfare 2, Modern Warfare 3, and Call of Duty Black Ops 1 and 2 were recently brought back online by Activision due to increasing demand from gamers. This is a post from HackRead.com Read the original post: Modern Warfare 2 Servers Were Offline Amid Malware Attack

Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, in multiple controller actions, Discourse accepts limit params but does not impose any upper bound on the values being accepted. Without an upper bound, the software may allow arbitrary users to generate DB queries which may end up exhausting the resources on the server. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability.

By Habiba Rashid So far, Spyhide app collected 3.3 million texts and 1.2 million call logs from compromised Android devices. This is a post from HackRead.com Read the original post: Iranian Stalkerware ‘Spyhide’ Steals Data from 60,000 Android Devices

Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year time period, with 96% of the attacks linked to the Mirai botnet. Of these attack attempts, 20% (or

A severe privilege escalation issue impacting MikroTik RouterOS could be weaponized by remote malicious actors to execute arbitrary code and seize full control of vulnerable devices. Cataloged as CVE-2023-30799 (CVSS score: 9.1), the shortcoming is expected to put approximately 500,000 and 900,000 RouterOS systems at risk of exploitation via their web and/or Winbox interfaces, respectively,

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide their true location online.

By Waqas The hackers have leaked almost 1 GB worth of data, which contains documents, presentations, and contact details of over 70 NATO officials. This is a post from HackRead.com Read the original post: SiegedSec Hacktivist Claims to Strike NATO and Leak Sensitive Docs

By Deeba Ahmed Researchers at the AI-powered Security solutions provider, FortiGuard Labs, have been monitoring Microsoft Message Queuing (MSMQ) service for… This is a post from HackRead.com Read the original post: Critical Flaws Exposed Microsoft Message Queuing Service to DoS Attacks

By Habiba Rashid The cyberattack was discovered earlier this month. This is a post from HackRead.com Read the original post: Norway Probes Major Cyberattack on 12 Government Ministries