DripDropper Linux malware cleans up after itself - how it works

Threat Score:

Zdnet

1 day ago

Part of cluster #2053

Overview

DripDropper Linux malware cleans up after itself - how it works ZDNET's key takeaways DripDropper exploits an old server security hole. After infection, DripDropper patches the hole itself. Simple patch discipline could have stopped the exploit. Get more in-depth ZDNET tech coverage:Add us as a preferred Google sourceon Chrome and Chromium browsers. The security companyRed Canaryhas detected an attacker exploitingApache ActiveMQ, a popular open-source message broker, security holeCVE-2023-46604,...

Continue Reading on Original Site

5 articles

How Warlock Ransomware Targets Vulnerable SharePoint Servers

Dark Reading • 5 hours ago

Researchers highlight how Warlock, a new ransomware heavyweight, uses its sophisticated capabilities to target on-premises SharePoint instances.

Score

Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability

Hackread • 6 hours ago

FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 11 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300)

Feeds2 • 6 hours ago

Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300) Apple has fixed yet another vulnerability (CVE-2025-43300) that has apparently been exploited as a zero-day “in an extremely sophisticated attack against specific targeted individuals.” CVE-2025-43300 CVE-2025-43300 is anout-of-bounds writeissue that could be triggered by a vulnerable device processing a malicious image file, leading to exploitable memory corruption. The vulnerability affects theIma

Score

At least three UK organizations hit by SharePoint zero-day hacking campaign

Therecord • 14 hours ago

At least three British organizations have reported to the country’s data protection regulator that hackers exploited bugs affecting on-premise Microsoft SharePoint servers.

Score

CVES

CVE-2023-46604

ATTACK TYPES

Command and Control

Credential Access

Malware Deployment

Remote Code Execution

Unauthorized Access

COMPANIES

Apache Software Foundation

Cisco

Google

Microsoft

Red Canary

PLATFORMS

Apache

Apache ActiveMQ

Linux

Windows

APT GROUPS

Careto

Earth Lusca

RANSOMWARE

Final

First

HelloKitty

One

MALWARE

Careto

DripDropper

MITRE ATT&CK

T1059

T1059.003

T1068

T1071

T1071.001

VULNERABILITIES

Remote Code Execution

INDUSTRIES

Cloud Computing

Cloud Services

Cybersecurity

Technology

ARTICLE INFORMATION

Article #12454

Published 1 day ago

Zdnet

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

How Warlock Ransomware Targets Vulnerable SharePoint Servers

Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300)

At least three UK organizations hit by SharePoint zero-day hacking campaign

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies