home.social

#cybersecurityalert โ€” Public Fediverse posts

Live and recent posts from across the Fediverse tagged #cybersecurityalert, aggregated by home.social.

  1. iVentoy 1.0.2 flagged for installing unsafe Windows kernel drivers and injecting a fake root certificate, raising major security concerns for OS deployments. Experts urge caution until issues are resolved. #CyberSecurityAlert

    pupuweb.com/is-iventoy-a-dange

  2. ORing IAP Vulnerabilities: The Unwanted 2024 Feature Parade

    Discover the comedic side of cyber threats with St. Poelten UAS's report on ORing IAP vulnerabilities. Spoiler: it's no laughing matter! #CyberSecurityAlert
    thenimblenerd.com/?p=1031510

  3. Zero-day exploit targets Telegram for Android.

    A critical vulnerability dubbed "EvilVideo" allowed attackers to send malicious payloads disguised as multimedia files on Telegram.

    Thankfully, Telegram patched this in July 2024 (v10.14.5+).

    What's more concerning? The same threat actor was offering a "fully undetectable" Android cryptor service on underground forums.

    #CybersecurityAlert #MobileSecurity #ZeroDay

    welivesecurity.com/en/eset-res

  4. ๐Ÿ’ป๐Ÿ”’ #CyberSecurityAlert ๐Ÿšจ

    Did you know that when MGM Resorts faced a $100 million hack, their CEO wasnโ€™t sweating the lost revenue? ๐Ÿคฏ Thatโ€™s the power of cyber insurance! But hereโ€™s the kicker: the next year's premiums are no joke. ๐Ÿ“ˆ๐Ÿ’ฐ

    If you're struggling to afford cybersecurity insurance, youโ€™re not alone. Cyber threats are evolving, and the cost of protection is climbing. Now is the time to stay informed and understand why these expenses are skyrocketing.

    Read more to get the full scoop and stay one step ahead: [short.steelefortress.com/899iw ๐ŸŒโœจ

    #CyberRisk #InsuranceRates #MGMResorts #StayProtected #TechNews short.steelefortress.com/899iw #CyberSecurity #TechNews #Privacy

  5. ๐Ÿšจ BREAKING: A highly sophisticated P2P worm named "P2PInfect" is wreaking havoc on Redis instances! ๐Ÿ›๐Ÿ’ป It exploits the critical CVE-2022-0543 vulnerability in the Lua Library with a 10.0 severity score on CVSSv3 scale. Once in, it alters firewalls, granting unrestricted access to operators. ๐Ÿ˜ฑ

    P2PInfect establishes a P2P connection via port 60100 to a large C2 botnet, but no evidence of cryptomining yet. ๐Ÿ˜ฎ 934 out of 307,000 Redis instances have already fallen victim. ๐Ÿ˜จ

    What's scarier? P2PInfect is using Rust, favored by ransomware groups for fast encryption and evading detection. ๐Ÿฆพ

    ๐Ÿ”’ Stay safe! Update your Redis and amp up your cybersecurity practices NOW! ๐Ÿ”’

    Source: Unit 42 researchers hackread.com/self-replicating-

    Key points:
    - The worm, known as P2PInfect, is written in Rust and targets the popular open-source database software Redis.
    - It exploits a critical vulnerability (CVE-2022-0543) in the Lua Library, which has a severity score of 10.0 on the CVSSv3 scale.
    - Once inside a Redis instance, the worm alters local firewall settings, blocking legitimate access and granting unrestricted access to the worm operators.
    - The worm establishes a P2P connection via port 60100 to a large command and control (C2) botnet. There's no evidence yet of P2PInfect engaging in cryptomining using infected instances.
    - The worm's rapid spread has been noted, with 934 out of 307,000 publicly-communicating Redis instances identified as vulnerable.
    - The use of Rust by P2PInfect is concerning as many ransomware groups have shifted to Rust for its benefits, such as faster encryption and evading common detection methods.
    - Organizations and individuals are urged to update their Redis instances and implement robust cybersecurity practices to safeguard against potential attacks.

    A highly sophisticated peer-to-peer (P2P) worm named "P2PInfect" has been identified by researchers from Unit 42. It targets instances of the popular open-source database software Redis, exploiting a critical vulnerability known as CVE-2022-0543 in the Lua Library. This vulnerability has received a maximum severity score of 10.0 on the CVSSv3 severity scale. Once inside a Redis instance, the worm establishes a foothold in cloud container environments, alters firewall settings, and grants the operators unrestricted access. P2PInfect employs sophisticated techniques for persistence, ensuring long-term presence on infected systems. It establishes a P2P connection to a large command and control botnet, raising concerns about potential future mining activities.

    P2PInfect's use of the Rust programming language is unique and concerning to cybersecurity experts, as it offers benefits such as faster encryption and evading common detection methods. The worm's rapid spread has been observed, and organizations are urged to update their Redis instances and implement robust cybersecurity practices. The cybersecurity community must remain vigilant against emerging threats like P2PInfect and other advanced malware strains.

    #P2PInfect
    #CybersecurityAlert
    #Redis
    #RustLang
    #CVE20220543
    #CyberThreat
    #Botnet
    #CyberAttack
    #InfoSec
    #Unit42

  6. ๐Ÿšจ BREAKING: A highly sophisticated P2P worm named "P2PInfect" is wreaking havoc on Redis instances! ๐Ÿ›๐Ÿ’ป It exploits the critical CVE-2022-0543 vulnerability in the Lua Library with a 10.0 severity score on CVSSv3 scale. Once in, it alters firewalls, granting unrestricted access to operators. ๐Ÿ˜ฑ

    P2PInfect establishes a P2P connection via port 60100 to a large C2 botnet, but no evidence of cryptomining yet. ๐Ÿ˜ฎ 934 out of 307,000 Redis instances have already fallen victim. ๐Ÿ˜จ

    What's scarier? P2PInfect is using Rust, favored by ransomware groups for fast encryption and evading detection. ๐Ÿฆพ

    ๐Ÿ”’ Stay safe! Update your Redis and amp up your cybersecurity practices NOW! ๐Ÿ”’

    Source: Unit 42 researchers hackread.com/self-replicating-

    Key points:
    - The worm, known as P2PInfect, is written in Rust and targets the popular open-source database software Redis.
    - It exploits a critical vulnerability (CVE-2022-0543) in the Lua Library, which has a severity score of 10.0 on the CVSSv3 scale.
    - Once inside a Redis instance, the worm alters local firewall settings, blocking legitimate access and granting unrestricted access to the worm operators.
    - The worm establishes a P2P connection via port 60100 to a large command and control (C2) botnet. There's no evidence yet of P2PInfect engaging in cryptomining using infected instances.
    - The worm's rapid spread has been noted, with 934 out of 307,000 publicly-communicating Redis instances identified as vulnerable.
    - The use of Rust by P2PInfect is concerning as many ransomware groups have shifted to Rust for its benefits, such as faster encryption and evading common detection methods.
    - Organizations and individuals are urged to update their Redis instances and implement robust cybersecurity practices to safeguard against potential attacks.

    A highly sophisticated peer-to-peer (P2P) worm named "P2PInfect" has been identified by researchers from Unit 42. It targets instances of the popular open-source database software Redis, exploiting a critical vulnerability known as CVE-2022-0543 in the Lua Library. This vulnerability has received a maximum severity score of 10.0 on the CVSSv3 severity scale. Once inside a Redis instance, the worm establishes a foothold in cloud container environments, alters firewall settings, and grants the operators unrestricted access. P2PInfect employs sophisticated techniques for persistence, ensuring long-term presence on infected systems. It establishes a P2P connection to a large command and control botnet, raising concerns about potential future mining activities.

    P2PInfect's use of the Rust programming language is unique and concerning to cybersecurity experts, as it offers benefits such as faster encryption and evading common detection methods. The worm's rapid spread has been observed, and organizations are urged to update their Redis instances and implement robust cybersecurity practices. The cybersecurity community must remain vigilant against emerging threats like P2PInfect and other advanced malware strains.

    #P2PInfect
    #CybersecurityAlert
    #Redis
    #RustLang
    #CVE20220543
    #CyberThreat
    #Botnet
    #CyberAttack
    #InfoSec
    #Unit42

  7. ๐Ÿšจ BREAKING: A highly sophisticated P2P worm named "P2PInfect" is wreaking havoc on Redis instances! ๐Ÿ›๐Ÿ’ป It exploits the critical CVE-2022-0543 vulnerability in the Lua Library with a 10.0 severity score on CVSSv3 scale. Once in, it alters firewalls, granting unrestricted access to operators. ๐Ÿ˜ฑ

    P2PInfect establishes a P2P connection via port 60100 to a large C2 botnet, but no evidence of cryptomining yet. ๐Ÿ˜ฎ 934 out of 307,000 Redis instances have already fallen victim. ๐Ÿ˜จ

    What's scarier? P2PInfect is using Rust, favored by ransomware groups for fast encryption and evading detection. ๐Ÿฆพ

    ๐Ÿ”’ Stay safe! Update your Redis and amp up your cybersecurity practices NOW! ๐Ÿ”’

    Source: Unit 42 researchers hackread.com/self-replicating-

    Key points:
    - The worm, known as P2PInfect, is written in Rust and targets the popular open-source database software Redis.
    - It exploits a critical vulnerability (CVE-2022-0543) in the Lua Library, which has a severity score of 10.0 on the CVSSv3 scale.
    - Once inside a Redis instance, the worm alters local firewall settings, blocking legitimate access and granting unrestricted access to the worm operators.
    - The worm establishes a P2P connection via port 60100 to a large command and control (C2) botnet. There's no evidence yet of P2PInfect engaging in cryptomining using infected instances.
    - The worm's rapid spread has been noted, with 934 out of 307,000 publicly-communicating Redis instances identified as vulnerable.
    - The use of Rust by P2PInfect is concerning as many ransomware groups have shifted to Rust for its benefits, such as faster encryption and evading common detection methods.
    - Organizations and individuals are urged to update their Redis instances and implement robust cybersecurity practices to safeguard against potential attacks.

    A highly sophisticated peer-to-peer (P2P) worm named "P2PInfect" has been identified by researchers from Unit 42. It targets instances of the popular open-source database software Redis, exploiting a critical vulnerability known as CVE-2022-0543 in the Lua Library. This vulnerability has received a maximum severity score of 10.0 on the CVSSv3 severity scale. Once inside a Redis instance, the worm establishes a foothold in cloud container environments, alters firewall settings, and grants the operators unrestricted access. P2PInfect employs sophisticated techniques for persistence, ensuring long-term presence on infected systems. It establishes a P2P connection to a large command and control botnet, raising concerns about potential future mining activities.

    P2PInfect's use of the Rust programming language is unique and concerning to cybersecurity experts, as it offers benefits such as faster encryption and evading common detection methods. The worm's rapid spread has been observed, and organizations are urged to update their Redis instances and implement robust cybersecurity practices. The cybersecurity community must remain vigilant against emerging threats like P2PInfect and other advanced malware strains.

    #P2PInfect
    #CybersecurityAlert
    #Redis
    #RustLang
    #CVE20220543
    #CyberThreat
    #Botnet
    #CyberAttack
    #InfoSec
    #Unit42

  8. ๐Ÿšจ BREAKING: A highly sophisticated P2P worm named "P2PInfect" is wreaking havoc on Redis instances! ๐Ÿ›๐Ÿ’ป It exploits the critical CVE-2022-0543 vulnerability in the Lua Library with a 10.0 severity score on CVSSv3 scale. Once in, it alters firewalls, granting unrestricted access to operators. ๐Ÿ˜ฑ

    P2PInfect establishes a P2P connection via port 60100 to a large C2 botnet, but no evidence of cryptomining yet. ๐Ÿ˜ฎ 934 out of 307,000 Redis instances have already fallen victim. ๐Ÿ˜จ

    What's scarier? P2PInfect is using Rust, favored by ransomware groups for fast encryption and evading detection. ๐Ÿฆพ

    ๐Ÿ”’ Stay safe! Update your Redis and amp up your cybersecurity practices NOW! ๐Ÿ”’

    Source: Unit 42 researchers hackread.com/self-replicating-

    Key points:
    - The worm, known as P2PInfect, is written in Rust and targets the popular open-source database software Redis.
    - It exploits a critical vulnerability (CVE-2022-0543) in the Lua Library, which has a severity score of 10.0 on the CVSSv3 scale.
    - Once inside a Redis instance, the worm alters local firewall settings, blocking legitimate access and granting unrestricted access to the worm operators.
    - The worm establishes a P2P connection via port 60100 to a large command and control (C2) botnet. There's no evidence yet of P2PInfect engaging in cryptomining using infected instances.
    - The worm's rapid spread has been noted, with 934 out of 307,000 publicly-communicating Redis instances identified as vulnerable.
    - The use of Rust by P2PInfect is concerning as many ransomware groups have shifted to Rust for its benefits, such as faster encryption and evading common detection methods.
    - Organizations and individuals are urged to update their Redis instances and implement robust cybersecurity practices to safeguard against potential attacks.

    A highly sophisticated peer-to-peer (P2P) worm named "P2PInfect" has been identified by researchers from Unit 42. It targets instances of the popular open-source database software Redis, exploiting a critical vulnerability known as CVE-2022-0543 in the Lua Library. This vulnerability has received a maximum severity score of 10.0 on the CVSSv3 severity scale. Once inside a Redis instance, the worm establishes a foothold in cloud container environments, alters firewall settings, and grants the operators unrestricted access. P2PInfect employs sophisticated techniques for persistence, ensuring long-term presence on infected systems. It establishes a P2P connection to a large command and control botnet, raising concerns about potential future mining activities.

    P2PInfect's use of the Rust programming language is unique and concerning to cybersecurity experts, as it offers benefits such as faster encryption and evading common detection methods. The worm's rapid spread has been observed, and organizations are urged to update their Redis instances and implement robust cybersecurity practices. The cybersecurity community must remain vigilant against emerging threats like P2PInfect and other advanced malware strains.

    #P2PInfect
    #CybersecurityAlert
    #Redis
    #RustLang
    #CVE20220543
    #CyberThreat
    #Botnet
    #CyberAttack
    #InfoSec
    #Unit42

  9. ๐Ÿšจ BREAKING: A highly sophisticated P2P worm named "P2PInfect" is wreaking havoc on Redis instances! ๐Ÿ›๐Ÿ’ป It exploits the critical CVE-2022-0543 vulnerability in the Lua Library with a 10.0 severity score on CVSSv3 scale. Once in, it alters firewalls, granting unrestricted access to operators. ๐Ÿ˜ฑ

    P2PInfect establishes a P2P connection via port 60100 to a large C2 botnet, but no evidence of cryptomining yet. ๐Ÿ˜ฎ 934 out of 307,000 Redis instances have already fallen victim. ๐Ÿ˜จ

    What's scarier? P2PInfect is using Rust, favored by ransomware groups for fast encryption and evading detection. ๐Ÿฆพ

    ๐Ÿ”’ Stay safe! Update your Redis and amp up your cybersecurity practices NOW! ๐Ÿ”’

    Source: Unit 42 researchers hackread.com/self-replicating-

    Key points:
    - The worm, known as P2PInfect, is written in Rust and targets the popular open-source database software Redis.
    - It exploits a critical vulnerability (CVE-2022-0543) in the Lua Library, which has a severity score of 10.0 on the CVSSv3 scale.
    - Once inside a Redis instance, the worm alters local firewall settings, blocking legitimate access and granting unrestricted access to the worm operators.
    - The worm establishes a P2P connection via port 60100 to a large command and control (C2) botnet. There's no evidence yet of P2PInfect engaging in cryptomining using infected instances.
    - The worm's rapid spread has been noted, with 934 out of 307,000 publicly-communicating Redis instances identified as vulnerable.
    - The use of Rust by P2PInfect is concerning as many ransomware groups have shifted to Rust for its benefits, such as faster encryption and evading common detection methods.
    - Organizations and individuals are urged to update their Redis instances and implement robust cybersecurity practices to safeguard against potential attacks.

    A highly sophisticated peer-to-peer (P2P) worm named "P2PInfect" has been identified by researchers from Unit 42. It targets instances of the popular open-source database software Redis, exploiting a critical vulnerability known as CVE-2022-0543 in the Lua Library. This vulnerability has received a maximum severity score of 10.0 on the CVSSv3 severity scale. Once inside a Redis instance, the worm establishes a foothold in cloud container environments, alters firewall settings, and grants the operators unrestricted access. P2PInfect employs sophisticated techniques for persistence, ensuring long-term presence on infected systems. It establishes a P2P connection to a large command and control botnet, raising concerns about potential future mining activities.

    P2PInfect's use of the Rust programming language is unique and concerning to cybersecurity experts, as it offers benefits such as faster encryption and evading common detection methods. The worm's rapid spread has been observed, and organizations are urged to update their Redis instances and implement robust cybersecurity practices. The cybersecurity community must remain vigilant against emerging threats like P2PInfect and other advanced malware strains.

    #P2PInfect
    #CybersecurityAlert
    #Redis
    #RustLang
    #CVE20220543
    #CyberThreat
    #Botnet
    #CyberAttack
    #InfoSec
    #Unit42