Security
Headlines
HeadlinesLatestCVEs

Tag

#ddos

New Akira Ransomware Targets Businesses via Exploited CISCO VPNs

By Deeba Ahmed Akira ransomware operators specialize in targeting corporate endpoints for stealing sensitive data. This is a post from HackRead.com Read the original post: New Akira Ransomware Targets Businesses via Exploited CISCO VPNs

HackRead
Open in Source
#vulnerability#web#android#mac#linux#cisco#ddos#git#botnet#auth#zero_day
CVE-2020-20813: OpenVPN服务被利用于UDP反射放大DDoS攻击 - FreeBuf网络安全行业门户

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet.

New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools

Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. "The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware in target environments," the company's

Data center flaws spurred disruptions, espionage and malware attacks

By Waqas Trellix's researchers uncovered a series of vulnerabilities in two prominent data center equipment vendors: CyberPower and Dataprobe. This is a post from HackRead.com Read the original post: Data center flaws spurred disruptions, espionage and malware attacks

CVE-2023-3262: The Threat Lurking in Data Centers – Hack Power Management Systems, Take All the Power

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database.A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records.

Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk

Multiple security vulnerabilities impacting CyberPower's PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe's iBoot Power Distribution Unit (PDU) could be potentially exploited to gain unauthenticated access to these systems and inflict catastrophic damage in target environments. The nine vulnerabilities, from CVE-2023-3259 through CVE-2023-3267, carry

Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested

European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. "Five of its administrators were arrested, and all of its servers seized, rendering LolekHosted.net no longer available," Europol said in a statement. "The service facilitated the

CVE-2021-29057: timeout isn't safe. Potential DDOS issue · Issue #20 · SUCHMOKUO/node-worker-threads-pool

An issue was discovered in StaticPool in SUCHMOKUO node-worker-threads-pool version 1.4.3, allows attackers to cause a denial of service.

Email Hacking Reigns as Top Cybersecurity Threat, Indusface Study

By Waqas The new study has identified a cybersecurity training gap and an alarming lack of preparedness in countering emerging threats. This is a post from HackRead.com Read the original post: Email Hacking Reigns as Top Cybersecurity Threat, Indusface Study