Remote Code Execution (RCE) - Security Intelligence

May 11, 2020

‘Blue Mockingbird’ Attempts to Distribute Monero Miners to Enterprise Targets

2 min read - A grouping of similar threat activity dubbed "Blue Mockingbird" attempted to distribute Monero-mining malware payloads across its enterprise targets.

April 28, 2020

Data-Stealing Asnarök Malware Exploits Zero-Day Flaw in Sophos XG Firewalls

2 min read - Cybercriminals have been using a Trojan dubbed Asnarök to steal data by exploiting a vulnerability in enterprise firewalls from Sophos, the company warned.

November 26, 2019

Exploit Code Escalates Apache Solr Vulnerability To ‘High Risk’ Status

2 min read - New exploit code has led researchers to reclassify a security threat aimed at the Linux enterprise search tool Apache Solr to "high severity status."

July 29, 2019

Weekly Security News Roundup: US Company Selling Fully Working BlueKeep Exploit

3 min read - Last week in security news, a U.S. company announced that its penetration tool had incorporated a fully working exploit for the BlueKeep vulnerability.

July 24, 2019

Attack Campaign Targets Exposed Elasticsearch Servers With DDoS Botnet

2 min read - Researchers spotted an attack campaign that is seeking out publicly exposed Elasticsearch databases and servers to deliver a DDoS botnet.

Software Vulnerabilities June 18, 2019

Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control

5 min read - IBM X-Force discovered a zero-day remote code execution vulnerability in TP-Link Wi-Fi extenders that could enable an attacker to command a device.

Endpoint June 14, 2019

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

5 min read - In theory, dealing with BlueKeep should be no different from dealing with other vulnerabilities. Unfortunately, many organizations are lagging in their patch management efforts.

April 23, 2019

Belkin Wemo Zero-Day Vulnerability Could Leave the Door Open for IoT Attacks

2 min read - The Belkin Wemo Insight smart plug continues to be at risk of zero-day attacks nearly one year after a vulnerability was first disclosed, security researchers discovered.

February 26, 2019

Highly Critical Drupal Vulnerability Could Expose Sites to RCE Attacks, Developers Warn

2 min read - By exploiting a critical Drupal vulnerability recently disclosed by developers, attackers could potentially take control of websites and servers built on the CMS.

February 5, 2019

Attack Campaign Targets Linux Servers to Install New SpeakUp Trojan

2 min read - Security researchers observed an attack campaign that is targeting Linux servers to install samples of the new SpeakUp Trojan.

Security Intelligence

{{title}}

{{title}}

{{title}}

{{title}}

Topics

‘Blue Mockingbird’ Attempts to Distribute Monero Miners to Enterprise Targets

Data-Stealing Asnarök Malware Exploits Zero-Day Flaw in Sophos XG Firewalls

Exploit Code Escalates Apache Solr Vulnerability To ‘High Risk’ Status

Weekly Security News Roundup: US Company Selling Fully Working BlueKeep Exploit

Attack Campaign Targets Exposed Elasticsearch Servers With DDoS Botnet

Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

Belkin Wemo Zero-Day Vulnerability Could Leave the Door Open for IoT Attacks

Highly Critical Drupal Vulnerability Could Expose Sites to RCE Attacks, Developers Warn

Attack Campaign Targets Linux Servers to Install New SpeakUp Trojan

{{{title}}}