Tag: rapid7
JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive
Attacks targeting two security vulnerabilities in the TeamCity CI/CD platform have begun in earnest just days after its developer, JetBrains, disclosed the flaws on...
Breaking News
Godzilla Web Shell Attacks Stomp on Critical Apache ActiveMQ Flaw
Threat actors have unleashed a fresh wave of cyberattacks targeting a critical remote code-execution (RCE) vulnerability in Apache ActiveMQ, for which the Apache Software...
Third Ivanti Vulnerability Exploited in the Wild, CISA Reports
A critical vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2023-35082, has been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog.The vulnerability has...
Israeli Company Hires Overseas Attackers in ‘Hack Back’ Effort
A CEO at an Israeli company has hired a network of offensive cyber hackers from around the world to counter anti-Israel online activity.Doron Amir,...
Global TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare
APT29, the notorious Russian advanced persistent threat behind the 2020 SolarWinds hack, is actively exploiting a critical security vulnerability in JetBrains TeamCity that could...
Exploited Vulnerabilities Can Take Months to Make KEV List
On Oct. 10, the Cybersecurity and Infrastructure Security Agency (CISA) updated the Known Exploited Vulnerabilities (KEV) catalog with five known software flaws. At the...
Atlassian Bug Escalated to 10, All Unpatched Instances Vulnerable
Active ransomware and other cyberattacks against unpatched Atlassian Confluence Data Center and Server technology have driven up the CVSS score of the related vulnerability...
Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware
More than 3,000 Internet-accessible Apache ActiveMQ Servers are exposed to a critical remote code execution vulnerability that an attacker has begun actively targeting to...
Microsoft: China’s Behind Atlassian Confluence Attacks; PoCs Available
A China-sponsored advanced persistent threat (APT) tracked as Storm-0062 is responsible for the in-the-wild exploitation of the recently disclosed critical bug in Atlassian Confluence...
Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit
A critical privilege-escalation vulnerability in Atlassian Confluence Server and Confluence Data Center has been disclosed, with evidence of exploitation in the wild as a...
Attacks on Maximum Severity WS_FTP Bug Have Been Limited — So Far
After an early flurry of exploit activity, attacks targeting a maximum-severity flaw that Progress Software disclosed in its WS_FTP Server file transfer product last...
Move Over, MOVEit: Critical Progress Bug Infests WS_FTP Software
For the second time in recent months, Progress Software is requiring enterprise security teams to drop everything and move quickly to protect their organizations...
Lazarus Group Targets Healthcare Sector via ManageEngine Vulnerability
Kamso Oguejiofor-Abugu Published on: September 21, 2023 The Health Sector Cybersecurity Coordination Center (HC3) of the US Department...
Latest Intelligence
