Tag: Struts | SpinSafe

Cyber Security Today, April 15, 2022 – A new botnet discovered, low MFA adoption and a Struts bug finally patched

April 15, 2022/in Internet Security

A new botnet discovered, low MFA adoption and a Struts bug finally patched.

Welcome to Cyber Security Today. It’s Friday April 15th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. Thanks for taking the time to tune in if this is a holiday Friday for you.

&nbsp

A new denial of service botnet has been discovered by security researchers in China. Called Fodcha, it’s adding 100 new infected devices to the estimated 62,000 enslaved devices already on the network. Most are in China. Devices are being compromised by Fodcha malware either through known vulnerabilities or weak passwords on Android servers, GitLab accounts and certain brands of routers. Some are made by Totolink. Last week I reported that another botnet was also compromised of certain unpatched models of Totolink routers.

I regularly quote cybersecurity experts saying implementing multifactor authentication is one of the best things IT leaders can do to lower the risk of a successful cyberattack through compromised passwords. So, here are some disturbing numbers from a report released this week by Trellix: Less than half of U.S. government agency respondents to a survey said their organization has fully developed MFA. At least that’s better than the critical infrastructure sector — which includes banks, transportation companies and utilities. Only 37 per cent of American firms in that sector had implemented MFA. Guest commentator Terry Cutler and I will talk about MFA and other identity management technologies in the Week in Review podcast later today.

Apache has admitted a fix for the Struts Java web application development platform issued two years ago didn’t do the job. It has now put out what it says is a patch that solves the problem. It’s serious enough that the U.S. Cybersecurity and Infrastructure Security Agency is urging users to upgrade to version 2.5.30.

Attention hospital IT administrators: If your facility uses the Aethon TUG wireless smart robot cart for delivering medicine or maintenance supplies, the Homebase server needs to be patched. Researchers at Cynerio have discovered five vulnerabilities that could allow an attacker to take remote…

Source…

Mirai, Gafgyt IoT botnets stab systems with Apache Struts, SonicWall exploits

September 10, 2018/in Internet Security

Mirai, Gafgyt IoT botnets stab systems with Apache Struts, SonicWall exploits ZDNet

Full coverage

botnet – read more

Ransomware Gang Made Over $100000 by Exploiting Apache Struts Zero-Day – BleepingComputer

April 7, 2017/in Internet Security

Ransomware Gang Made Over $ 100000 by Exploiting Apache Struts Zero–Day
BleepingComputer
For their attacks, the groups are using a zero–day in Apache Struts, disclosed and immediately fixed last month by Apache. The vulnerability, CVE-2017-5638, allows an attacker to execute commands on the server via content uploaded to the Jakarta …

and more »

zero day – read more

Apache Struts 2 exploit used to install ransomware on servers

April 7, 2017/in Computer Security

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers.

The SANS Internet Storm Center issued an alert Thursday, saying an attack campaign is compromising Windows servers through a vulnerability tracked as CVE-2017-5638.

The flaw is located in the Jakarta Multipart parser in Apache Struts 2 and allows attackers to execute system commands with the privileges of the user running the web server process.

This vulnerability was patched on March 6 in Struts versions 2.3.32 and 2.5.10.1. Attackers started exploiting the flaw almost immediately, leaving very little time for server administrators to deploy the update.

To read this article in full or to leave a comment, please click here

Network World Security

Tag Archive for: Struts