cognitive cybersecurity intelligence

News and Analysis

Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw

A maximum-severity security bug in the Aviatrix Controller platform is being targeted by multiple threat actors, who are exploiting it to deploy malware. The bug, present in all supported Aviatrix Controller versions before 7.2.4996 or 7.1.4191, allows privilege escalation on Amazon Web Services and permits remote adversaries to run arbitrary commands. Some attacks involve deployment of XMRig cryptomining malware and Sliver backdoors. Many companies remain vulnerable, and Aviatrix strongly encourages the application of their issued patch as a protection.

Source: www.darkreading.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Determining patients' needs via pop health data

Determining patients' needs via pop health data

The enterprise taxonomy includes categories for Population and Public Health, Operations, Quality Care, Analytics, Care, Business, and Data and Information. Additionally, node settings specify that

NIST updates Privacy Framework with Version 1.1

NIST updates Privacy Framework with Version 1.1

The U.S. Department of Commerce aims to align its privacy and cybersecurity frameworks in response to rising cyberattacks. NIST’s PFW 1.1 draft updates privacy risk

Cross-team collaboration is where effective cybersecurity begins

Cross-team collaboration is where effective cybersecurity begins

The content outlines an enterprise taxonomy focusing on key areas: Cybersecurity and Privacy, Workforce Development, and Data and Information. It includes node settings to exclude

DDoS attackers are pouncing on unpatched vulnerabilities

DDoS attackers are pouncing on unpatched vulnerabilities

Why seek new attack methods when you can leverage existing, publicly known vulnerabilities? Exploiting these older weaknesses can be more effective, as they are often