all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)

Add to bookmarks
March 27, 2024, 11:02 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells. “To our knowledge, the attack started 7 months ago,” Avi Lumelsky, a researcher at Oligo Security, told Help Net Security. “We observed hundreds of compromised clusters in the past three weeks alone. Each cluster uses a public IP address, and most clusters contain hundreds to thousands of servers. There are hundreds of … More →


The post …

ai software anyscale attack attackers authentication bishop fox clusters compromise compromised cryptominers cve don't miss enterprise framework help net security hot stuff knowledge machine learning oligo oligo security ray researcher reverse security servers shells software vulnerability

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Most people still rely on memory or pen and paper for password management 1 day, 7 hours ago | www.helpnetsecurity.com
accounts australia authentication bitwarden +24
LSA Whisperer: Open-source tools for interacting with authentication packages 1 day, 8 hours ago | www.helpnetsecurity.com
authentication azuread cybersecurity github +16
What AI can tell organizations about their M&A risk 1 day, 8 hours ago | www.helpnetsecurity.com
acquisition adoption ai adoption amp +19
Breaking down the numbers: Cybersecurity funding activity recap 1 day, 9 hours ago | www.helpnetsecurity.com
10 million aim aim security alethea +55
New infosec products of the week: April 26, 2024 1 day, 9 hours ago | www.helpnetsecurity.com
april capabilities cyber cyberint +21
Net neutrality has been restored 1 day, 18 hours ago | www.helpnetsecurity.com
actions broadband communications consumers +24
Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs 1 day, 23 hours ago | www.helpnetsecurity.com
acronis aim and response cloud +22
Edgio Client-Side Protection enables organizations to secure critical customer data 1 day, 23 hours ago | www.helpnetsecurity.com
apis browser client client-side +26
IBM to buy HashiCorp in $6.4 billion cash deal, expanding cloud portfolio 2 days ago | www.helpnetsecurity.com
agreement capabilities cash cloud +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States
View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote
View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada
View on infosec-jobs.com
View more jobs