Blog

26Juil 2024 by

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

Actualités
Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023. "Unbeknownst to most
Read More
26Juil 2024 by

Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

Actualités
Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. "In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code
Read More
25Juil 2024 by

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

Actualités
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps with names such as Andariel, Nickel Hyatt,
Read More