Attacks aimed at vulnerable Apache RocketMQ servers underway | allinfosecnews.com

Jan. 9, 2024, 1:10 a.m. | SC Staff

SC Magazine feed for Threats www.scmagazine.com

BleepingComputer reports that internet-exposed Apache RocketMQ servers vulnerable to the critical remote code execution flaws, tracked as CVE-2023-33246 and CVE-2023-37582 the latter of which stemmed from the incomplete fix of the former were discovered by The ShadowServer Foundation to have been scanned by hundreds of hosts around the world daily for attempted exploitation.

apache attacks bleepingcomputer code code execution critical cve daily exposed fix flaws foundation internet network security remote code remote code execution reports rocketmq rocketmq servers servers shadowserver threat intelligence vulnerability management vulnerable world

More from www.scmagazine.com / SC Magazine feed for Threats

Arrests made in North Korean remote job scam targeting US firms 3 days, 4 hours ago | www.scmagazine.com

american arrests companies governance risk and compliance +14

BreachForums seized by FBI for 2nd time 4 days, 21 hours ago | www.scmagazine.com

account breach breachforums data +10

Anti-stalking feature to become part of Android 6.0+ and iOS 17.5 5 days, 3 hours ago | www.scmagazine.com

airtag alerts android apple +14

US agencies issue warning about Black Basta ransomware gang 5 days, 3 hours ago | www.scmagazine.com

agency alert basta black basta +29

Draft of 2025 defense bill includes mobile device cybersecurity evaluation 5 days, 3 hours ago | www.scmagazine.com

act analysts application security authorization +20

US agencies warn of state-sponsored cyberattacks on civil society groups 5 days, 4 hours ago | www.scmagazine.com

china civil civil society cyberattacks +20

UN report exposes North Korean cyberattacks, crypto laundering spree 5 days, 4 hours ago | www.scmagazine.com

breach cash crypto cryptocurrency +23

US, UK decry escalating cyber activities from China 5 days, 4 hours ago | www.scmagazine.com

british china critical-infrastructure-security cyber +9

Malicious PyPI ‘requests’ fork hides backdoor in PNG file 6 days, 19 hours ago | www.scmagazine.com

backdoor file fork malicious +7

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Senior Application Security Engineer

@ Austin Community College | HMO99: Field Office - MO Remote Location, Remote City, MO, 65043 USA

View on infosec-jobs.com

Sr. Information Assurance Security Analyst

@ SMS Data Products Group, Inc. | San Antonio, TX, United States

View on infosec-jobs.com

Product Cybersecurity Test Infrastructure Engineer (Remote)

@ SNC-Lavalin | HCT99: Field Office - CT Remote Location, Remote City, CT, 06101 USA

View on infosec-jobs.com