By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Viral Trending contentViral Trending content
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
Reading: 295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Notification Show More
Viral Trending contentViral Trending content
  • Home
  • Categories
    • World News
    • Politics
    • Sports
    • Celebrity
    • Business
    • Crypto
    • Tech News
    • Gaming News
    • Travel
  • Bookmarks
© 2024 All Rights reserved | Powered by Viraltrendingcontent
Viral Trending content > Blog > Tech News > 295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Tech News

295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager

By Viral Trending Content 4 Min Read
Share
SHARE

Jun 11, 2025Ravie LakshmananNetwork Security / Threat Intelligence

Apache Tomcat Manager

Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting Apache Tomcat Manager interfaces.

The company said it observed a surge in brute-force and login attempts on June 5, 2025, an indication that they could be deliberate efforts to “identify and access exposed Tomcat services at scale.”

To that end, 295 unique IP addresses have been found to be engaged in brute-force attempts against Tomcat Manager on that date, with all of them classified as malicious. Over the past 24 hours, 188 unique IPs have been recorded, a majority of them located in the United States, the United Kingdom, Germany, the Netherlands, and Singapore.

Cybersecurity

In a similar vein, 298 unique IPs were observed conducting login attempts against Tomcat Manager instances. Of the 246 IP addresses flagged in the last 24 hours, all of them are categorized as malicious and originate from the same locations.

Targets of these attempts include the United States, the United Kingdom, Spain, Germany, India, and Brazil for the same time period. GreyNoise noted that a significant chunk of the activity came from infrastructure hosted by DigitalOcean (ASN 14061).

“While not tied to a specific vulnerability, this behavior highlights ongoing interest in exposed Tomcat services,” the company added. “Broad, opportunistic activity like this often serves as an early warning of future exploitation.”

To mitigate any potential risks, organizations with exposed Tomcat Manager interfaces are recommended to implement strong authentication and access restrictions, and monitor for any signs of suspicious activity.

The disclosure comes as Bitsight revealed that it found more than 40,000 security cameras openly accessible on the internet, potentially enabling anyone to access live video feeds captured by these devices over HTTP or Real-Time Streaming Protocol (RTSP). The exposures are concentrated in the United States, Japan, Austria, Czechia, and South Korea.

The telecommunications sector accounts for 79% of the exposed cameras, followed by technology (6%), media (4.1%), utilities (2.5%), education (2.2%), business services (2.2%), and government (1.2%).

The installations range from those installed in residences, offices, public transportation systems, and factory settings, inadvertently leaking sensitive information that could then be exploited for espionage, stalking, and extortion.

Cybersecurity

Users are advised to change default usernames and passwords, disable remote access if not required (or restrict access with firewalls and VPNs), and keep firmware up-to-date.

“These cameras – intended for security or convenience – have inadvertently become public windows into sensitive spaces, often without their owners’ knowledge,” security researcher João Cruz said in a report shared with The Hacker News.

“No matter the reason why one individual or organization needs this kind of device, the fact that anyone can buy one, plug it in, and start streaming with minimal setup is likely why this is still an ongoing threat.”

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

You Might Also Like

Android 16 Security Measures: Identity Check and Advanced Protection

White House Staffers Couldn’t Care Less About the East Wing Demolition

CISA warns of Lanscope Endpoint Manager flaw exploited in attacks

North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets

Geotab survey reveals 90% of Irish van and lorry drivers ready to embrace in-cab AI coaching

TAGGED: Apache Tomcat, Brute force, Cyber Security, Cybersecurity, DigitalOcean, Incident response, Internet, iot security, network security, Security Cameras, surveillance, Telecom Security, Threat Intelligence, Vulnerability
Share This Article
Facebook Twitter Copy Link
Previous Article UK to let Spain check Gibraltar passports in deal with EU
Next Article Just 5% of Irish Leaders Equipped to Fully Harness AI to Drive Growth in Their Organisation
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

- Advertisement -
Ad image

Latest News

Is Ripple About To Overtake Ethereum? There Are More XRP Treasury Companies Than You Think
Crypto
Android 16 Security Measures: Identity Check and Advanced Protection
Tech News
Qatar and US warn EU law could threaten energy security as GECF ministers meet
Business
European Parliament rebels against simplified sustainability requirements
World News
United States and European Union Impose Sanctions on Russia
World News
Tariffs have unsettled Colorado’s ag industry; a Trump suggestion adds to uncertainty
Business
Fidelity opens the door to Solana, making SOL available to clients
Crypto

About Us

Welcome to Viraltrendingcontent, your go-to source for the latest updates on world news, politics, sports, celebrity, tech, travel, gaming, crypto news, and business news. We are dedicated to providing you with accurate, timely, and engaging content from around the globe.

Quick Links

  • Home
  • World News
  • Politics
  • Celebrity
  • Business
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
  • Sports
  • Crypto
  • Tech News
  • Gaming News
  • Travel

Trending News

cageside seats

Unlocking the Ultimate WWE Experience: Cageside Seats News 2024

Is Ripple About To Overtake Ethereum? There Are More XRP Treasury Companies Than You Think

Investing £5 a day could help me build a second income of £329 a month!

cageside seats
Unlocking the Ultimate WWE Experience: Cageside Seats News 2024
May 22, 2024
Is Ripple About To Overtake Ethereum? There Are More XRP Treasury Companies Than You Think
October 23, 2025
Investing £5 a day could help me build a second income of £329 a month!
March 27, 2024
Brussels unveils plans for a European Degree but struggles to explain why
March 27, 2024
© 2024 All Rights reserved | Powered by Vraltrendingcontent
  • About Us
  • Contact US
  • Disclaimer
  • Privacy Policy
  • Terms of Service
Welcome Back!

Sign in to your account

Lost your password?