Tag: apache

3 Attack Reports | 0 Vulnerabilities

Attack reports

Increased Activity Against Apache OFBiz CVE-2024-32113

Recently, there has been a surge in malicious activity targeting a critical vulnerability (CVE-2024-32113) in the Apache OFBiz framework, a Java-based platform for developing Enterprise Resource Planning (ERP) applications. This vulnerability, a path traversal issue that can lead to remote code exe…
vulnerability
CVE-2024-32113
apache
erp
2024-08-01
remote code execution
ofbiz
Published: August 1, 2024
Downloadable IOCs: 5

Malware Targets Message Queuing Services Applications

The report describes a recent campaign targeting Apache RocketMQ platforms, where attackers exploited a known vulnerability (CVE-2023-33246) to gain remote code execution on the systems. They then downloaded and executed the Muhstik malware, which provides persistence, evades detection, performs la…
evasion
cryptocurrency
vulnerability
persistence
apache
2024-06-06
irc
rocketmq
lateral
muhstik
CVE-2023-33246
Published: June 6, 2024
Downloadable IOCs: 21

Ebury is alive but unseen: 400k Linux servers compromised for cryptotheft and financial gain

The Ebury malware gang is continuing to expand, with hundreds of thousands of servers compromised and used to steal cryptocurrency and credit card data, according to a paper published by ESET Research on 14 May 2024.
linux
bitcoin
2024-05-15
2024-05-10
apache
ebury
windigo
apachemodule
Published: May 15, 2024
Downloadable IOCs: 141
Click here to see more Attack Reports