Proof-of-Concept Released for Critical Apache Struts Vulnerability

Apache has released a security bulletin addressing a critical vulnerability in Apache Struts 2. Apache Struts is an open-source model-view-controller (MVC) framework for creating Java web applications. CVE-2024-53677 is a ‘Unrestricted Upload of File with Dangerous Type’ vulnerability and has Read More …

Weaponizing Apache OFBiz CVE-2023-51467

On December 26, SonicWall disclosed an authentication bypass affecting Apache OFBiz. SonicWall demonstrated the vulnerability, assigned CVE-2023-51467, by accessing the protected HTTP endpoint /webtools/control/ping without authentication. While that proved the vulnerability existed, it did not demonstrate arbitrary code execution. However, Read More …

GoTitan Botnet – Ongoing Exploitation on Apache ActiveMQ

This past October, Apache issued a critical advisory addressing CVE-2023-46604, a vulnerability involving the deserialization of untrusted data in Apache. On November 2, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2023-46604 to its known exploited list, KEV Catalog, indicating Read More …

Ransomware gang HelloKitty exploits critical Apache ActiveMQ bug CVE-2023-46604

Beginning Friday, October 27, Rapid7 Managed Detection and Response (MDR) identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two different customer environments. In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom Read More …

Budworm: Espionage Group Returns to Targeting U.S. Organizations

The Budworm espionage group has mounted attacks over the past six months against a number of strategically significant targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S. state legislature. The latter attack is Read More …

Log4j flaw: Thousands of applications are still vulnerable, warn security researchers

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to cyberattacks because security patches haven’t been applied. First detailed in December, the Read More …

What to Do About Log4j

Log4j poses some deep challenges to IT. In this article I’ll discuss some tactical measures people are already taking now and over the next week or two, and some strategic guidance for what to do after the immediate crisis abates. Read More …