PostgreSQL

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Apr 1, 2025 by iHash Leave a Comment

Apr 01, 2025Ravie LakshmananCryptojacking / Cloud Security Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed … [Read more...] about Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL

Jan 9, 2023 by iHash Leave a Comment

Jan 09, 2023Ravie LakshmananKubernetes / Cryptojacking The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. A second initial access vector technique entails the use of vulnerable images, Sunders Bruskin, security researcher at Microsoft … [Read more...] about Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

Apr 29, 2022 by iHash Leave a Comment

Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. "By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular … [Read more...] about Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

SOC in the Network Operations Center

Mobile World Congress 2025 in Barcelona delivered on every promise – a record-breaking event with 109,000 attendees from 205 countries, with over 2,900 exhibitors, sponsors, and partners showcasing an impressive array of cutting‐edge topics, from 5G and IoT to Unified Security for the AI-driven Future. As always, Cisco’s presence showcased a suite of innovations, such […]

Polyglot technique for disguising malware

Not long ago, our Securelist blog published a post (Russian language only) about an attack on industrial enterprises using the PhantomPyramid backdoor, which our experts with a high degree of confidence attribute to the Head Mare group. The attack was fairly standard — an email claiming to contain confidential information, with an attached password-protected archive […]

Using the Privacy Advantage to Build Trust in the Age of AI

Understanding Today’s Privacy Landscape In our interconnected world, data privacy has become increasingly important. The Cisco 2025 Data Privacy Benchmark Study, which gathered perspectives from 2,600+ privacy and security professionals across 12 countries, paints a dynamic picture of the state of privacy today. Ninety percent of organizations believe local data storage is inherently safer than […]

How to Navigate the 2025 Identity Threat Landscape

Identity is at the center of the fight against adversaries. As threat actors weaponize legitimate credentials and sell access to the highest bidders, organizations must proactively detect and secure exposed identities to shut down potential attack paths before they can be exploited. The CrowdStrike 2025 Global Threat Report illustrates the urgent need for strong […]

Apple Intelligence features expand to new languages and regions today

Apple Intelligence, the personal intelligence system that delivers helpful and relevant intelligence while taking an extraordinary step forward for privacy in AI, is expanding to even more people around the world. Starting today, with the availability of iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4, Apple Intelligence features are now available in many new languages, […]

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp

The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208. “The threat actor deploys payloads primarily […]

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers