all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Apache ActiveMQ bug exploited to deliver Kinsing malware

Add to bookmarks
Nov. 21, 2023, 11:49 a.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open source message broker that allows communication between applications and services by translating messages exchanged via different protocols (OpenWire, STOMP, MQTT, AMQP, etc.). CVE-2023-46604 is a vulnerability in the Java OpenWire protocol marshaller and may allow attackers to execute arbitrary code with the same privileges … More


The post …

activemq apache apache activemq applications attackers broker bug communication cryptocurrency cryptojacking cve cve-2023-46604 don't miss exploit exploitation exploited exploiting hot stuff install java kinsing kinsing malware linux linux systems malware message messages miners mqtt open source popular protocols services systems trend micro vulnerability

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Most people still rely on memory or pen and paper for password management 2 days, 1 hour ago | www.helpnetsecurity.com
accounts australia authentication bitwarden +24
LSA Whisperer: Open-source tools for interacting with authentication packages 2 days, 1 hour ago | www.helpnetsecurity.com
authentication azuread cybersecurity github +16
What AI can tell organizations about their M&A risk 2 days, 2 hours ago | www.helpnetsecurity.com
acquisition adoption ai adoption amp +19
Breaking down the numbers: Cybersecurity funding activity recap 2 days, 2 hours ago | www.helpnetsecurity.com
10 million aim aim security alethea +55
New infosec products of the week: April 26, 2024 2 days, 3 hours ago | www.helpnetsecurity.com
april capabilities cyber cyberint +21
Net neutrality has been restored 2 days, 11 hours ago | www.helpnetsecurity.com
actions broadband communications consumers +24
Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs 2 days, 16 hours ago | www.helpnetsecurity.com
acronis aim and response cloud +22
Edgio Client-Side Protection enables organizations to secure critical customer data 2 days, 17 hours ago | www.helpnetsecurity.com
apis browser client client-side +26
IBM to buy HashiCorp in $6.4 billion cash deal, expanding cloud portfolio 2 days, 17 hours ago | www.helpnetsecurity.com
agreement capabilities cash cloud +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs