#openfire — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #openfire, aggregated by home.social.
-
This is nice. Hotel room with an open fire!
-
We are exploring support for #MariaDB, #Firebird and #CockroachDB in Openfire. This includes early pull requests and discussion of trade-offs, maintenance cost and real-world demand.
We would love community input before proceeding further.
Is this valuable, or more trouble than it is worth?
-
Epic 2-Day Fishing Adventure: Catching Giant Bass & Making Fish Tacos on a Remote Maine River https://www.diningandcooking.com/2193874/epic-2-day-fishing-adventure-catching-giant-bass-making-fish-tacos-on-a-remote-maine-river/ #adventure #AdventureAngling #American #AmericanRecipes #BassFishing #CampfireCooking #CatchAndCook #CookingCulinary #FishTacos #FishTacosRecipe #FishTacosTilapia #FishingTrip #GiantBass #MaineRiverFishing #MaineWilderness #NaturalBeauty #NatureCamping #OpenFire #OutdoorCooking #RecipeVideos #Recipes
-
Take control of your digital sovereignty with Openfire! 🌐
Discover how this open-source, XMPP-based platform for instant messaging, group chat, voice and video calls, and file sharing can secure your data, enhance privacy, and offer unmatched customization. 💬🔐
#DigitalSovereignty #Openfire #DataPrivacy #SecureCommunication
https://www.igniterealtime.org/support/articles/whitepaper_digital_sovereignty.jsp
-
#XMPP is the gold standard for interoperability. Its ability to connect projects from different creators is unparalleled, making it the go-to choice for seamless communication.
Community member Luke wrote a guide on configuring #Openfire to work with #Slidge.
Slidge is a gateway designed to connect you to chat networks like WhatsApp, Telegram or Matrix. It acts as a bridge, allowing you to interact with your contacts directly from your single, preferred XMPP client.
-
"🚨 Openfire Vulnerability Under Active Exploit: A Gateway to Ransomware and Cryptominers 🚨"
The widely-used Openfire chat server is under siege as hackers exploit a high-severity flaw, CVE-2023-32315, to deploy ransomware and cryptominers. This Java-based open-source XMPP server, boasting 9 million downloads, has become a lucrative target due to an authentication bypass vulnerability in its admin console. Attackers are creating new admin accounts on vulnerable servers, installing malicious Java plugins, and executing commands via HTTP requests. 🛑
The flaw spans across various Openfire versions dating back to 2015. Although patches were released in May 2023, over 3,000 servers remained vulnerable by mid-August 2023. The first known exploitation dates back to June 2023, when a server was ransomed post-exploitation. Attack scenarios include deploying crypto-mining trojans, installing backdoors, and extracting server information. 🕵️
Dr. Web has identified four distinct attack scenarios leveraging this flaw, emphasizing the urgency of applying available security updates. BleepingComputer also reports multiple instances of Openfire servers being encrypted with ransomware, appending a .locked1 extension to files. The ransom demands range from 0.09 to 0.12 bitcoins ($2,300 to $3,500). 🖥️🔓
The threat landscape is evolving, with threat actors not solely targeting Openfire servers but any vulnerable web server. It's a stark reminder for organizations to stay vigilant and ensure their systems are up-to-date with the latest security patches. 🛡️
Source: BleepingComputer by Bill Toulas
Tags: #Openfire #Ransomware #Cryptominers #CyberSecurity #Vulnerability #CVE202332315 #ThreatIntel #InfoSec #PatchManagement #ServerSecurity #DrWeb #BleepingComputer 🌐🔐
