Iran-Linked APT42 Uses Social Engineering to Pose as Journalists – Active IOCs

May 2, 2024

Malicious Imageless Containers Amounting to Millions Planted on Docker Hub – Active IOCs

May 2, 2024

CVE-2024-32114 – Apache ActiveMQ Vulnerability

May 2, 2024

Severity

High

Analysis Summary

CVE-2024-32114

Apache ActiveMQ could allow a remote attacker to bypass security restrictions, caused by a flaw with not securing with the default configuration in Jolokia and REST API. By sending a specially crafted request, an attacker could exploit this vulnerability to interact with the broker and/or produce/consume messages or purge/delete destinations.

Impact

Security Bypass

Indicators of Compromise

CVE

CVE-2024-32114

Affected Vendors

Apache

Affected Products

Apache ActiveMQ 6.0.0
Apache ActiveMQ 6.1.1

Remediation

Upgrade to the latest version of Apache ActiveMQ, available from the Apache Website.

Apache Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Cobalt Strike Malware – Active IOCs

CVE-2025-49719 – Microsoft SQL Server Zero-Day Vulnerability

Multiple Cisco Splunk Enterprise Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Iran-Linked APT42 Uses Social Engineering to Pose as Journalists – Active IOCs

Malicious Imageless Containers Amounting to Millions Planted on Docker Hub – Active IOCs

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation