In a co-ordinated international effort, the law enforcement agencies of 15 countries have made the holiday season a little less stressful for companies and consumers - by seizing control of some of the internet's most popular DDoS-for-hire services. Operation PowerOFF has disrupted what was anticipated to be a surge of distributed denial-of-service (DDoS) attacks over the Christmas period by taking over two dozen "booter" or "stresser" websites offline. READ MORE...
Russian nation-state hackers have followed an unusual path to gather intel in the country's ongoing invasion of Ukraine-appropriating the infrastructure of fellow threat actors and using it to infect electronic devices its adversary's military personnel are using on the front line. On at least two occasions this year, the Russian hacking group has used servers and malware used by separate threat groups in attacks targeting front-line Ukrainian military forces. READ MORE...
The US government unsealed charges yesterday against a Chinese national who allegedly broke into approximately 81,000 of Sophos firewall devices around the world in 2020. Guan Tianfeng, also known as gbigmao and gxiaomao, was charged with conspiracy to commit computer fraud and conspiracy to commit wire fraud. Tianfeng has also been accused of developing and testing a zero-day security vulnerability used to conduct the Sophos attacks. READ MORE...
We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE. According to the National Vulnerability Database (NVD), which published the CVE on Wednesday, Apache scored CVE-2024-53677 a 9.5 using the CVSSv4 framework while Tenable noted a 9.8 rating using CVSSv3 - take your pick. READ MORE...
Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. By installing outdated plugins with known vulnerabilities with available exploits, the attackers can access a large pool of flaws that lead to remote code execution (RCE), SQL injection, cross-site scripting (XSS) flaws, or create backdoor admin accounts. READ MORE...