Cyber criminals targeting healthcare orgs’ FTP servers
FBI’s Cyber Division has sent out another notification to healthcare organizations, alerting them to the danger of cyber criminals using their FTP servers for various …
Deception security doesn’t have to be onerous or expensive
When talking about deception security, most infosec pros’ mind turns to honeypots and decoy systems – additional solutions that companies have to buy, deploy, and …
Security audit of Dovecot mailserver reveals good security practices
Dovecot – a popular open source IMAP and POP3 server for Linux/UNIX-like systems – is as secure as its developers claim it is. A security audit performed by German …
Net Cease: Microsoft researchers unveil anti-reconnaissance tool
Microsoft researchers Itai Grady and Tal Be’ery have released Net Cease, a PowerShell script that prevents attackers who have already compromised an endpoint from …
Quickly audit and adjust SSH server configurations with SSH-audit
SSH-audit is a standalone open source tool for auditing and fixing SSH server configurations. It has no dependencies and will run wherever Python is available. It supports …
Compromising Linux virtual machines via FFS Rowhammer attack
A group of Dutch researchers have demonstrated a variant of the Rowhammer attack that can be used to successfully compromise Linux virtual machines on cloud servers. The Flip …
Faulty TLS implementation opens VISA sites, users to attack
A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these …
Attackers keep flinging assorted ImageMagick 0day exploits
It’s been a week since the existence of several flaws affecting popular image processing library ImageMagick have been made public. At the time, one of these, a remote …
Web servers and sites under attack via ImageMagick zero-day flaw
A zero-day remote code execution flaw has been found in ImageMagick, an image processing library that allows image uploads from untrusted users (site visitors) and is widely …
Over 3 million servers running outdated JBoss software open to attack
Spurred by the recent discovery that the Samas (aka SamSam) ransomware is being spread via compromised servers running out-of-date versions of Red Hat’s JBoss server …
Cisco UCS servers can be hijacked with malicious HTTP request
A data center server platform running Cisco’s Unified Computing System (UCS) Central Software can be compromised by unauthenticated, remote attackers with a single, …