PostgreSQL

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Apr 1, 2025 by iHash Leave a Comment

Apr 01, 2025Ravie LakshmananCryptojacking / Cloud Security Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed … [Read more...] about Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL

Jan 9, 2023 by iHash Leave a Comment

Jan 09, 2023Ravie LakshmananKubernetes / Cryptojacking The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. A second initial access vector technique entails the use of vulnerable images, Sunders Bruskin, security researcher at Microsoft … [Read more...] about Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

Apr 29, 2022 by iHash Leave a Comment

Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. "By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular … [Read more...] about Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware

Apr 24, 2025Ravie LakshmananMalware / Threat Intelligence At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea’s software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest […]

CrowdStrike Falcon for IT Adds Endpoint Automation Capabilities

Today, CrowdStrike is releasing automated baseline enforcement and remediation in CrowdStrike Falcon® for IT to secure misconfigured devices and consistently address vulnerabilities across endpoints. Operators can now centrally manage and enforce endpoint configurations across platforms to support security and compliance efforts. Security and IT teams must ensure endpoints are secure and compliant according to […]

DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack

Apr 23, 2025Ravie LakshmananMalware / Cryptocurrency Multiple threat activity clusters with ties to North Korea (aka Democratic People’s Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. “The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions […]

CrowdStrike Falcon Privileged Access Secures Critical Hybrid Identity Environments

CrowdStrike is excited to announce CrowdStrike Falcon Privileged Access, a new offering within CrowdStrike Falcon® Identity Protection that uses high-fidelity risk signals to provide just-in-time access to organizations’ critical permissions and resources. Adversaries know valid credentials unlock access to data, infrastructure, and capabilities. Nearly 80% of attacks to gain initial access are malware-free, the […]

How Cushman & Wakefield Secures Identities with Falcon Identity Protection

For years, Cushman & Wakefield’s security team knew that remote desktop protocol (RDP) access was a potential weak point, but enforcing multifactor authentication (MFA) for RDP was out of reach. The company’s legacy cybersecurity tools simply didn’t support it, leaving critical systems vulnerable to credential-based attacks. “We knew attackers target RDP as an easy […]

How GenAI is transforming banking experiences

Discover how GenAI is helping banks move from rigid systems to conversational, intuitive customer experiences while driving speed, insight, and fraud detection. “Did I eat at Wendy’s twice last week?” is the kind of question we might ask ourselves while scrolling through bank statements. Now, thanks to generative AI (GenAI), banks can more effectively understand […]

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

iProVPN: 3-Year Subscription for $29

Apple AirPods Pro 2 with MagSafe USB-C Charging Case (Refurbished) for $159

Apple Mac mini M2 (Early 2023) 8GB RAM 256GB SSD (Refurbished) for $359

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers