Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns
Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) …
cyberattack
Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack
Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers. Attributing the attacks to a "sophisticated threat actor," the firm noted that the attacks single out appliances that have remote management or SSL VPN enabled, namely in the USG/ZyWALL, USG FLEX, ATP, and …
Chinese Hackers Believed to be Behind Second Cyberattack on Air India
Even as a massive data breach affecting Air India came to light the previous month, India's flag carrier airline appears to have suffered a separate cyber assault that lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. Group-IB dubbed the …
High-Severity PrinterLogic Flaws Enable Remote Code Execution
The three flaws enable an unauthenticated attacker to launch remote code execution attacks on printers.
Weather Channel Knocked Off-Air in Dangerous Precedent
The incident was the work of malicious cyberattackers.