cyberveille.decio.ch

cyberveille.decio.ch

More
#EN #2024 #en #servers
300,000+ Prometheus Servers and Exporters Exposed to DoS Attacks
300,000+ Prometheus Servers and Exporters Exposed to DoS Attacks
In this research, we uncovered several vulnerabilities and security flaws within the Prometheus ecosystem. These findings span across three major areas: information disclosure, denial-of-service (DoS), and code execution. We found that exposed Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API keys. Additionally, we identified an alarming risk of DoS attacks stemming from the exposure of pprof debugging endpoints, which, when exploited, could overwhelm and crash Prometheus servers, Kubernetes pods and other hosts.
#aquasec#EN#2024#Prometheus#Servers#DoS#attacks#Exposed#research
·aquasec.com·
300,000+ Prometheus Servers and Exporters Exposed to DoS Attacks
Analysis of TargetCompany's Attacks Against MS-SQL Servers (Mallox, BlueSky Ransomware)
Analysis of TargetCompany's Attacks Against MS-SQL Servers (Mallox, BlueSky Ransomware)
While monitoring attacks targeting MS-SQL servers, AhnLab SEcurity intelligence Center (ASEC) recently identified cases of the TargetCompany ransomware group installing the Mallox ransomware. The TargetCompany ransomware group primarily targets improperly managed MS-SQL servers to install the Mallox ransomware. While these attacks have been ongoing for several years, here we will outline the correlation between the newly identified malware and previous attack cases involving the distribution of the Tor2Mine CoinMiner and BlueSky ransomware.
#asec.ahnlab#EN#2024#MS-SQL#servers#CoinMiner#BlueSky#ransomware#analysis
·asec.ahnlab.com·
Analysis of TargetCompany's Attacks Against MS-SQL Servers (Mallox, BlueSky Ransomware)