RocketMQ Remote Command Execution: RocketMQ versions 5.1.0 and below are vulnerable to remote command execution under certain conditions. The vulnerability affects multiple components, including NameServer, Broker, and Controller, which are exposed on the extranet without permission verification. An attacker can use the update configuration function to execute commands as the system user running RocketMQ, and can achieve the same effect by forging RocketMQ protocol content. To mitigate these attacks, users are advised to upgrade to version 5.1.1 or higher for RocketMQ 5.x, or 4.9.6 or higher for RocketMQ 4.x.
Data Breach at Federal Board of Intermediate and Secondary Education: The Federal Board of Intermediate and Secondary Education experienced a data breach. The hacker group responsible publicly announced that it had accessed and leaked the result cards of 55,000 students. These result cards contain sensitive information, including identification photos. The group claims to possess an additional 111,000 student records.
800 Gbps DDoS Attack: An organization faced an unprecedented DDoS attack reaching a peak volume of 800 Gbps. The attack aimed to overwhelm the organization’s network infrastructure, resulting in service unavailability and significant disruption.
Operation Spalax by APT-C-36 (BlindEagle) in Colombia: APT-C-36, also known as BlindEagle, has launched Operation Spalax targeting organizations in Colombia. The operation utilizes deceptive email techniques and a series of malicious websites to infiltrate targeted networks.
VulnCheck Identifies Remote Command Injection in Contec SolarView: VulnCheck, a vulnerability detection tool, has identified a remote command injection vulnerability in the Contec SolarView series, affecting ICS (Industrial Control Systems) hardware. The vulnerability can be exploited by attackers to execute arbitrary commands on vulnerable systems.
Key Findings
It is crucial for organizations and individuals to prioritize remediation and patching efforts to safeguard their systems and data. The following key findings highlight the importance of proactive measures to mitigate risks associated with various vulnerabilities and threats:
- RocketMQ Remote Command Execution
- Data Breach at Federal Board of Intermediate and Secondary Education
- 800 Gbps DDoS Attack
- Operation Spalax: APT-C-36 Targeting Colombia
- VulnCheck Identifies Contec SolarView Vulnerability
- FortiGate Firewall Vulnerability (CVE-2023-27997)