3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution vulnerability. Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and servers, supporting Java and various cross-language clients and many protocols, including AMQP, MQTT, OpenWire, and STOMP. Thanks to the project's support for a diverse set of secure authentication and authorization mechanisms, it is widely used in enterprise environments where systems communicate without direct connectivity. The flaw in question is CVE-2023-46604, a critical severity RCE allowing attackers to execute arbitrary shell commands by exploiting the serialized class types in the OpenWire protocol. Fixes were made available on the same day with the release of versions 5.15.16, 5.16.7, 5.17.6, and 5.18.3, which are the recommended upgrade targets. Researchers from threat monitoring service ShadowServer found 7,249 servers accessible with ActiveMQ services. Of those, 3,329 were found to run an ActiveMQ version vulnerable to CVE-2023-4660, with all of these servers vulnerable to remote code execution. Most of the vulnerable instances are located in China. The United States comes second with 530, Germany is third with 153, while India, the Netherlands, Russia, France, and South Korea have 100 exposed servers each. Given the role Apache ActiveMQ fulfills as a message broker in enterprise environments, exploitation of CVE-2023-46604 could result in message interception, workflow disruption, data theft, and even lateral movement in the network. As technical details on exploiting CVE-2023-46604 are publicly available, applying the security updates should be considered time-sensitive. F5 fixes BIG-IP auth bypass allowing remote code execution attacks. Critical RCE flaws found in SolarWinds access audit solution. Millions of Exim mail servers exposed to zero-day RCE attacks. Thousands of Juniper devices vulnerable to unauthenticated RCE flaw. ASUS routers vulnerable to critical remote code execution flaws.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to 3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

TellYouThePass ransomware joins Apache ActiveMQ RCE attacks - Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution vulnerability previously exploited as a zero-day. The flaw, tracked as CVE-2023-46604, is a maximum severity ...
10 months ago Bleepingcomputer.com
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online - Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution vulnerability. Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and ...
10 months ago Bleepingcomputer.com
The Threat That Can't Be Ignored: CVE-2023-46604 in Apache ActiveMQ - There is another vulnerability that demands immediate attention, despite not receiving the level of recognition it truly deserves in the media. Apache ActiveMQ vulnerability, known as CVE-2023-46604, is a Remote Code Execution flaw rated at a ...
6 months ago Cybersecurity-insiders.com
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers - A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits. Apache OFBiz is an open-source enterprise resource planning system many businesses use for e-commerce ...
9 months ago Bleepingcomputer.com
Teaching Digital Literacy and Online Safety - It is crucial for educators to prioritize teaching online safety to ensure that students are equipped with the necessary skills to protect themselves online. This article aims to explore the importance of teaching digital literacy and online safety, ...
9 months ago Securityzap.com
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits - The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. The flaw allows remote code execution and was fixed in late October. Apache's ...
10 months ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
10 months ago Esecurityplanet.com
Role of Parents in Teaching Online Safety - In today's digital landscape, where children are increasingly exposed to the vast world of the internet, the role of parents in teaching online safety has become paramount. Parents should have regular conversations with their kids about the ...
9 months ago Securityzap.com
Veeam warns of critical bugs in Veeam ONE monitoring platform - Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. The company assigned almost maximum severity ratings to the critical security flaws ...
10 months ago Bleepingcomputer.com
Cybersecurity for Homeschooling Parents: A Guide - With the increased reliance on technology and online tools, homeschooling parents must also address the pressing issue of cybersecurity. Whether it's securing tech tools, teaching safe online practices, or accessing valuable resources, this guide ...
9 months ago Securityzap.com
Godzilla Web Shell Attacks Stomp on Critical Apache ActiveMQ Flaw - Threat actors have unleashed a fresh wave of cyberattacks targeting a critical remote code-execution vulnerability in Apache ActiveMQ, for which the Apache Software Foundation issued a patch back in October. In many of the attacks, the adversary has ...
8 months ago Darkreading.com
Hackers target Apache RocketMQ servers vulnerable to RCE attacks - Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. Both vulnerabilities ...
9 months ago Bleepingcomputer.com
"Sierra:21" vulnerabilities impact critical infrastructure routers - A set of 21 newly discovered vulnerabilities impact Sierra OT/IoT routers and threaten critical infrastructure with remote code execution, unauthorized access, cross-site scripting, authentication bypass, and denial of service attacks. The flaws ...
10 months ago Bleepingcomputer.com
An Age-by-Age Guide to Online Safety for Kids - Although the access to information, entertainment, and connection it offers is vital to modern life, safeguarding kids' online safety is crucial for their wellbeing, development, and future success in an increasingly digital world. In the following ...
9 months ago Cyberdefensemagazine.com
Online Learning Security Best Practices - The rapid increase in remote learning has raised security concerns surrounding online learning platforms. The security of online learning platforms involves implementing robust measures to protect against unauthorized access and data breaches. By ...
9 months ago Securityzap.com
Hackers Actively Exploiting ActiveMQ Vulnerability Install Malware - Attackers have been exploiting the Apache ActiveMQ Vulnerability to steal data and install malware constantly. Using the Apache ActiveMQ remote code execution vulnerability, the Andariel threat group was found to be installing malware last month. ...
9 months ago Gbhackers.com
Safeguarding Children and Vulnerable Groups Online Strategies for Enhancing Online Safety in Digital Communities - As the younger generations get more involved with these online communities, they can also be targets for cyberbullies, hackers, scammers, online predators, and much worse. As the internet landscape continues to evolve, online forums and group chat ...
9 months ago Cyberdefensemagazine.com
New Microsoft Exchange zero-days allow RCE, data theft attacks - Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations. The zero-day vulnerabilities were disclosed by Trend Micro's ...
10 months ago Bleepingcomputer.com
Protecting Children Online: A Parent's Guide - It's easy to imagine a world in which our children are exposed to inappropriate content, cyberbullying, or even malicious online predators. In order to protect our children from these dangers, it is necessary to create an environment at home that ...
10 months ago Securityzap.com
Digital Citizenship Lessons for Students - This article aims to emphasize the significance of digital citizenship lessons for students, focusing on three key aspects: the definition and scope of digital citizenship, online etiquette, and safe online behavior. By equipping students with ...
9 months ago Securityzap.com
JetBrains warns of new TeamCity auth bypass vulnerability - JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges. Tracked as CVE-2024-23917, this critical ...
8 months ago Bleepingcomputer.com
Atlassian patches critical RCE flaws across multiple products - Atlassian has published security advisories for four critical remote code execution vulnerabilities impacting Confluence, Jira, and Bitbucket servers, along with a companion app for macOS. All security issues addressed received a critical-severity ...
10 months ago Bleepingcomputer.com
Online Assessment Security Best Practices for Educators - In today's digital age, online assessment security has become a critical concern for educators. As online learning and remote testing continue to gain popularity, it is imperative for educators to implement best practices that uphold the integrity ...
9 months ago Securityzap.com
HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability - Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary ...
10 months ago Thehackernews.com
December Android updates fix critical zero-click RCE flaw - Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code execution bug. Tracked as CVE-2023-40088, the zero-click RCE bug was found in Android's System ...
10 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)