-
Python-Based Botnet Targets Linux Systems with Exposed SSH Ports
Experts believe that an experienced cybercrime group has created a botnet from compromised Linux servers and is using these systems to mine Monero, a digital currency.
- January 05, 2018
- 04:21 PM
0
-
Server Cryptomix Ransomware Variant Released
The devs behind the Cryptomix ransomware just keep pushing them out. A new Cryptomix variant was released last week that appends the .SERVER extension to encrypted files and changes the contact emails used by the ransomware.
- January 04, 2018
- 12:52 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Vulnerability Affects Hundreds of Thousands of IoT Devices
Here's something to be cheery on Christmas Day —a vulnerability affecting a web server that's been embedded in hundreds of thousands of IoT devices.
- December 25, 2017
- 05:00 AM
- 2
-
How to Install the Built-In Windows 10 OpenSSH Server
For those who would like remote console access to their Windows 10 computers, the built-in Windows 10 OpenSSH Server may be what you are looking for. Even better, for those who are familiar with OpenSSH from using it in Linux, the Windows 10 version operates pretty much the same.
- December 14, 2017
- 03:54 PM
- 15
-
Mailsploit Lets Attackers Send Spoofed Emails on Over 33 Email Clients
German security researcher Sabri Haddouche has discovered a set of vulnerabilities that he collectively refers to as Mailsploit, and which allow an attacker to spoof email identities, and in some cases, run malicious code on the user's computer.
- December 05, 2017
- 09:48 AM
- 1
-
No Patch Available for RCE Bug Affecting Half of the Internet's Email Servers
A critical remote code execution flaw affects over half of the Internet's email servers, and there's no fix for it available, just yet.
- November 28, 2017
- 01:00 AM
- 2
-
Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps
A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication of users against cloud services.
- November 27, 2017
- 01:00 AM
- 1
-
Amazon, Microsoft Launch Secret Cloud Servers for the US Intelligence Community
Today, Amazon announced a new offering named "AWS Secret Region," which is a cloud server region for use only by US intelligence agencies and their third-party contractors.
- November 20, 2017
- 06:50 PM
- 0
-
Oracle Products Affected by Critical JOLTandBLEED Vulnerabilities
Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10.
- November 17, 2017
- 04:32 AM
- 0
-
Amazon Updates AWS Dashboard to Warn Admins When They're Exposing S3 Buckets
Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet.
- November 08, 2017
- 01:00 AM
- 0
-
Unsecured ElasticSearch Server Exposed Data on 1,133 NFL Players
Security researchers, and what appears to be at least one hacker, have found an ElasticSearch server left exposed online that was hosting information about 1,133 National Football League (NFL) players and agents.
- October 03, 2017
- 05:05 PM
- 0
-
Copy-Pasting Malware Dev Made $63,000 From Mining Monero on IIS Servers
A malware author (or authors) has made around $63,000 during the past five months by hacking unpatched IIS 6.0 servers and mining Monero.
- September 28, 2017
- 09:00 AM
- 0
-
Info on CCleaner Infections Lost Due To Malware Server Running Out of Disk Space
According to Avast, the database where the CCleaner hackers were collecting data from infected hosts ran out of space and was deleted on September 12, meaning information on previous victims is now lost to investigators and the number of computers infected with the second-stage backdoor payloads may be larger than initially believed.
- September 22, 2017
- 07:21 PM
- 11
-
Optionsbleed Bug Leaks Apache Server Memory
Certain Apache server configurations can leak server memory content via a vulnerability called Optionsbleed — tracked as CVE-2017-9798 — and detailed on Monday by security researcher Hanno Böck.
- September 20, 2017
- 06:15 AM
- 1
-
Over 4,000 ElasticSearch Servers Found Hosting PoS Malware Files
The Kromtech Security Center has identified over 4,000 instances of ElasticSearch servers that are hosting files specific to two strains of POS (Point of Sale) malware — AlinaPOS and JackPOS.
- September 12, 2017
- 08:00 PM
- 0
-
Admin Accounts With No Passwords at the Heart of Recent MongoDB Ransom Attacks
The recent wave of ransom attacks on MongoDB databases happened because database owners forgot to set passwords on their administrator accounts, according to Davi Ottenheimer, Senior Director of Product Security at MongoDB, Inc.
- September 11, 2017
- 06:56 AM
- 2
-
Massive Wave of MongoDB Ransom Attacks Makes 26,000 New Victims
Ransom attacks on MongoDB databases rekindled last week and over the weekend with the emergence of three new groups that hijacked over 26,000 servers, with one group hijacking 22,000.
- September 04, 2017
- 06:34 AM
- 0
-
2016 Open-Source Repo Continues to Fuel the PHP Server Ransomware Scene
A PHP ransomware project open-sourced on GitHub is still spawning active threats, more than a year after it was released in early 2016.
- August 15, 2017
- 07:01 PM
- 2
-
White Supremacy Site Moves to the Dark Web After Being Spurned by GoDaddy, Google, and Zoho
The Daily Stormer, the most well known of all white supremacy online portals, was forced to move today to the Dark Web after various service providers dropped the site from their infrastructure.
- August 15, 2017
- 12:45 PM
- 6
-
Millions of RDP Endpoints Exposed Online and Ready for Bad Things
An Internet-wide scan carried out by security researchers from Rapid7 has discovered over 11 million devices with 3389/TCP ports left open online, of which over 4.1 million are specifically speaking the RDP protocol.
- August 15, 2017
- 09:15 AM
- 1
