Collaborate Disseminate
Pen Test Partners’ Ken Munro and his colleagues – some of which are former ship crew members who really understand bridge and propulsion systems – have been probing the security of ships’ IT systems for a while now and the resul… Continue reading Vulnerable ship systems: Many left exposed to hacking
Earlier this year security researchers warned about vulnerable Apache Solr, Redis, and Windows servers hit with cryptominers. Imperva now says that that are still too many Internet-facing Redis servers and that 75% of them show signs of having been inf… Continue reading Are attackers harnessing your Redis server?
This article is about a recent ransomware threat that has hit thousands of Hewlett-Packard Enterprise Integrated Lights-Out 4 interfaces or HPE iLO 4 for short. These interfaces provide access to HP Enterprise servers and their remote control. The rans… Continue reading Over 5,000 HPE iLO 4 Interfaces Hit By Ransomware
Hackers, some of them backed by a nation-state, have attacked Cisco switches in multiple countries, the tech giant’s cyberthreat intelligence division has revealed. Some of the attacks “are believed to be associated with nation-state actors, such as those described” in a recent Department of Homeland Security report that said Russian government hackers were targeting multiple U.S. industries, Cisco said. The campaign disclosed by Cisco exploits a protocol in a tool called Cisco Smart Install Client that installs switches. The protocol can be abused to conduct a series of actions, including modifying a server setting, to let an attacker execute Cisco networking software commands. Cisco used the scanning tool Shodan to identify more than 168,000 systems that could be vulnerable to this attack. A March 15 DHS report blamed Russian government hackers for a multi-stage hacking campaign against the nuclear, critical manufacturing, and other U.S. sectors. The U.S. effort to call out alleged […]
The post Nation-state hackers hit Cisco switches appeared first on Cyberscoop.
By Waqas
For the last couple of years, hackers have been exploiting
This is a post from HackRead.com Read the original post: Hackers leave ransom note after wiping out MongoDB in 13 seconds
Continue reading Hackers leave ransom note after wiping out MongoDB in 13 seconds
I’ve done the leg work and I’ve struggled to identify how to search with the Shodan CLI, or the web search, just for a specific port and output all the IP addresses that expose this port.
For example in the cli:
shodan sea… Continue reading How to get shodan to report IP addresses with a specific open port?
By Waqas
For the last few days, hackers have been using vulnerable Memcached
This is a post from HackRead.com Read the original post: Memcached DDoS Attack PoC Code & 17,000 IP addresses Posted Online
Continue reading Memcached DDoS Attack PoC Code & 17,000 IP addresses Posted Online
A “cyber security enthusiast” that goes by VectorSEC on Twitter has published AutoSploit, a Python-based tool that takes advantage of Shodan and Metasploit modules to automate mass exploitation of remote hosts. “Targets are collected … Continue reading AutoSploit: Automated mass exploitation of remote hosts using Shodan and Metasploit
Despite being a hub for technology talent, Berliners are leaving themselves wide open to cyberattack through poor security practices that are exposing millions of cyber assets. The data, based on analysis of devices and systems discoverable through Sho… Continue reading Are your connected devices searchable on the Internet?
I had a debate recently regarding whether conducting an Nmap scan through a 3rd party such as pentest-tools.net is considered active or passive. I argued that it is passive since there is no link between the scan and myself. … Continue reading Is external Nmap scan considered active or passive?