The abuse of known security flaws to deploy bots on vulnerable systems is a widely recognized problem. Many automated bots constantly search the web for known vulnerabilities in servers and devices connected to the internet, especially those running popular services.
These bots often carry Remote Code Execution (RCE) exploits targeting HTTP services, allowing attackers to embed Linux commands within GET or POST requests. We recently observed the use of CVE-2024-3721 in attempts to deploy a bot in one of our honeypot services. This bot variant turned out to be part of the infamous Mirai botnet, targeting DVR-based monitoring systems.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape
May 27, 2025
When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach multiple businesses through a single point of entry. In one ...
- Mozilla Releases Security Updates for Firefox and Firefox ESR
May 19, 2025
Mozilla has released three security advisories to address two critical vulnerabilities in Firefox and Firefox ESR. CVE-2025-4918 is an ‘out-of-bounds access when resolving promise objects’ vulnerability. If exploited, could allow an attacker to perform an out-of-bounds read or write on a JavaScript Promise object. Read more… Source: NHS Digital Sign up for our Newsletter The latest news and insights delivered ...
- Update your Chrome to fix serious actively exploited vulnerability
May 19, 2025
Google released an emergency update for the Chrome browser to patch an actively exploited vulnerability that could have serious ramifications. The update brings the Stable channel to versions 136.0.7103.113/.114 for Windows and Mac and 136.0.7103.113 for Linux. The easiest way to update Chrome is to allow it to update automatically, but you can end up lagging ...
- Proof-of-Concept Released Oracle VM VirtualBox
May 16, 2025
Oracle has released a security update to address a critical vulnerability in Oracle VM VirtualBox. Oracle VM VirtualBox is cross-platform virtualisation software. CVE-2025-30712 is an ‘improper access control’ vulnerability with a CVSSv3 score of 8.1 that affects the Oracle Virtualisation component of VirtualBox. Successful exploitation could allow an attacker with administrative privileges to gain linear memory ...
- Ivanti Endpoint Manager Mobile exploit chain exploited in the wild
May 16, 2025
On May 13, 2025, Ivanti disclosed an exploited in the wild exploit chain, comprising of two new vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM): CVE-2025-4427 and CVE-2025-4428. Ivanti EPMM is an enterprise-focused software suite for IT teams to manage mobile devices, applications, and content. CVE-2025-4427 is an authentication bypass vulnerability with a CVSS rating of 5.3 ...
- Fortinet Releases Multiple Security Advisories
May 14, 2025
Fortinet has released security advisories to two critical vulnerabilities. The security advisories address one critical vulnerability in FortiOS, FortiProxy and FortiSwitchManager, and an exploited vulnerability in FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera. CVE-2025-32756 is a ‘stack-based buffer overflow’ vulnerability with a CVSSv3 score of 9.6. Successful exploitation could allow a remote unauthenticated attacker to execute arbitrary ...