1. Home
  2. Discover
  3. Technology
  4. The Hacker News
  5. Alert — Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

Alert — Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

The Hacker News Daily Updates
Newsletter
cover

Data Classification for Cloud Security

How to Classify and Protect Cloud Data at Scale

Download Now Sponsored
LATEST NEWS Jan 14, 2023

Malware Attack on CircleCI Engineer's Laptop Leads to Recent Security Incident

DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company's systems and data last month. The CI/CD service CircleCI said the "sophisticated attack" took place on December 16, 2022, and that the malware went undetected by its ...

Read More
Twitter Facebook LinkedIn

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a patched version of Cacti (1.2.23 and 1.3.0). The issue in question relates ...

Read More
Twitter Facebook LinkedIn

TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws

Popular short-form video hosting service TikTok has been fined €5 million (about $5.4 million) by the French data protection watchdog for breaking cookie consent rules, making it the latest platform to face similar penalties after Amazon, Google, Meta, and Microsoft since 2020. "Users of 'tiktok[.]com' could not refuse cookies as easily as accepting them and they were not informed in ...

Read More
Twitter Facebook LinkedIn

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

Cisco has warned of two security vulnerabilities affecting end-of-life (EoL) Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of proof-of-concept (PoC) exploit. The issues are rooted in the router's web-based management interface, enabling a remote adversary to sidestep authentication or execute ...

Read More
Twitter Facebook LinkedIn

Beware: Tainted VPNs Being Used to Spread EyeSpy Surveillanceware

Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign that started in May 2022. It uses "components of SecondEye – a legitimate monitoring application – to spy on users of 20Speed VPN, an Iranian-based VPN service, via trojanized installers," Bitdefender said in an analysis. A majority of the infections are said to originate ...

Read More
Twitter Facebook LinkedIn

Cybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar

Remote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive (JAR) files, once again highlighting how threat actors are continuously finding new ways to fly under the radar. "Attackers now use the polyglot technique to confuse security solutions that don't properly validate the JAR file format," Deep Instinct security ...

Read More
Twitter Facebook LinkedIn

Get Unified Cloud and Endpoint Security: Only $1 for 1,000 Assets for all of 2023!

As the new year begins, it's more important than ever to protect your business from the constantly evolving cyber threats that could compromise your valuable assets.  But who wants to pay an arm and a leg for top-tier security? With this Uptycs introductory offer, you do not have to. Kickstart the new year by securing your business with Uptycs. Starting now, for just $1, you can ...

Read More
Twitter Facebook LinkedIn

FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations

A zero-day vulnerability in FortiOS SSL-VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting governments and other large organizations. "The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets," Fortinet researchers said in a post-mortem analysis published this week. The ...

Read More
Twitter Facebook LinkedIn
cover

Data Classification for Cloud Security

How to Classify and Protect Cloud Data at Scale

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

The CICD service CircleCI French data protection watchdog Iranianbased VPN service twofactor authenticationbacked credentials webbased management interface legitimate monitoring application malicious Java archive Recent Security Incident surface management platform cookie consent rules remote access trojans JAR file format Deep Instinct security EoL Business Routers two security vulnerabilities Uptycs introductory offer other large organizations Unidentified threat actors Tainted VPN installers critical security vulnerability internetexposed Cacti servers Cisco Issues Warning

Older messages

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild

Friday, January 20, 2023

The Hacker News Daily Updates Newsletter cover Data Classification for Cloud Security How to Classify and Protect Cloud Data at Scale Download Now Sponsored LATEST NEWS Jan 16, 2023 Raccoon and Vidar

Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!

Friday, January 20, 2023

The Hacker News Daily Updates Newsletter cover Data Classification for Cloud Security How to Classify and Protect Cloud Data at Scale Download Now Sponsored LATEST NEWS Jan 17, 2023 Hackers Can Abuse

Alert - Critical RCE Flaws Reported in Git Version Control System

Friday, January 20, 2023

The Hacker News Daily Updates Newsletter cover Industrial Cybersecurity Pulse Protecting Critical Infrastructure eBook Featured articles in this eBook include stories on how a desert water authority

Why Account Security Doesn't Stop at Login

Friday, January 20, 2023

The Hacker News eBook Update Newsletter EDI Requirements Checklist for Selecting the Best EDI System Download For Free Get an expert list of the top Electronic Data Interchange (EDI) requirements to

Mailchimp Suffers Another Security Breach Compromising Some Customers' Information

Friday, January 20, 2023

The Hacker News Daily Updates Newsletter cover Data Classification for Cloud Security How to Classify and Protect Cloud Data at Scale Download Now Sponsored LATEST NEWS Jan 19, 2023 6 Types of Risk

[Last chance to register] Simplify multi-cloud monitoring and insights with Elastic Observability

Tuesday, March 21, 2023

Easily provision Elastic Observability on your choice of cloud using terraformㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ elastic | Search. Observe. Protect Simplify multi-cloud monitoring and

Cyclists now outnumber motorists in City of London — and Amazon to lay off 9,000 more workers after earlier cuts

Monday, March 20, 2023

Issue #1077 — Top 20 stories of March 21, 2023 Issue #1077 — March 21, 2023 You receive this email because you are subscribed to Hacker News Digest. You can open it in the browser if you prefer. 1

Amazon CEO says laying off 9,000 more workers 'is best for the company long-term'

Monday, March 20, 2023

TechCrunch Newsletter TechCrunch logo The Daily Crunch logo By Christine Hall and Haje Jan Kamps Monday, March 20, 2023 🚚 Trucking is a vital industry and yet the majority of operations are operating

JSK Daily for Mar 20, 2023

Monday, March 20, 2023

JSK Daily for Mar 20, 2023 View this email in your browser A community curated daily e-mail of JavaScript news The Latest Angular 15 Features Will Change the Way You Code!🤯 Explore the new features of

Max Q - Maybe next time

Monday, March 20, 2023

TechCrunch Newsletter TechCrunch logo Max Q logo By Aria Alamalhodaei Monday, March 20, 2023 Hello and welcome back to Max Q! In this issue: An “operational pause” at Virgin Orbit Behold: New moon

Daily Coding Problem: Problem #1050 [Easy]

Monday, March 20, 2023

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Twitter. A permutation can be specified by an array P , where P[i] represents the

What happens when you invest in people & more this week at TechCrunch | March 20

Monday, March 20, 2023

Don't forget to grab your Early Stage tickets for Boston! TechCrunch events roundup This Wednesday on TechCrunch Live, we're turning the spotlight on a success story between Contrary Capital

😸 Meet GPT-4

Monday, March 20, 2023

Do you think AI-generated comments make communities like Product Hunt a better place? Discuss Product Hunt Read in browser This newsletter is brought to you by HOT TAKES? Do you think AI-generated

Mapped | The World’s Happiest Countries in 2023 🌎

Monday, March 20, 2023

Our annual map shows the happiest (and least happy) countries in every global region based on the latest data. View Online | Subscribe FEATURED STORY The World's Happiest Countries in 2023 Our

How Often Should You Upgrade Your Wi-Fi Router?

Monday, March 20, 2023

Did You Know?: Despite their radically different actual sizes, the Moon and the Sun appear to be nearly the same size in the sky. This is a complete coincidence that hinges entirely on the fact that