servers

  • Blog
    digitpatrox1 week ago
    31

    Police detains Smokeloader malware customers, seizes servers

    In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet’s customers and detained at least five individuals. During Operation Endgame last year, more than 100 servers used by major malware loader operations (e.g. IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, SystemBC) were seized. In a press release today, Europol informs that the operation continues as law enforcement officers analyze the…

    Read More »
  • Blog
    digitpatrox4 weeks ago
    53

    Veeam RCE bug lets domain users hack backup servers, patch now

    Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. The flaw was disclosed yesterday and affects Veeam Backup & Replication version 12.3.0.310 and all earlier version 12 builds. The company fixed it in version 12.3.1 (build 12.3.1.1139), which was released yesterday. According to a technical writeup by watchTowr Labs, who…

    Read More »
  • Blog
    digitpatroxMarch 3, 2025
    57

    Why government email servers are top targets for state-backed hackers

    State-backed hackers have accelerated attacks on government email servers in recent years, and it’s a trend that experts told ITPro will only get worse. The prediction comes after a threat group with reported links to Chinese espionage activities breached email servers belonging to the Belgian intelligence agency. On Wednesday February 26th, the Belgian federal prosecutor announced it had launched a…

    Read More »
  • Blog
    digitpatroxFebruary 19, 2025
    64

    Elon Musk doesn’t work for DOGE, says White House as battle for government servers intensifies – Computerworld

    Furthermore, “The intelligence team recommended the DOGE members be monitored as an insider threat. Critically, they called for “suspending” any access to payment systems and “conducting a comprehensive review of all actions they may have taken on these systems,” it continued. “Mr. Musk has gained sweeping and unprecedented access to sensitive data, information, systems, and technological and financial infrastructure across…

    Read More »
  • Blog
    digitpatroxFebruary 13, 2025
    60

    Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster

    The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform. Earlier this week, the authorities in the United States, Australia, and the United Kingdom, announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations. Specifically, the operators of Zservers were accused of facilitating LockBit ransomware attacks and supporting…

    Read More »
  • Blog
    digitpatroxFebruary 8, 2025
    344

    Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers

    Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. Trimble Cityworks is a Geographic Information System (GIS)-centric asset management and work order management software designed primarily for local governments, utilities, and public works organizations. The product helps municipalities and infrastructure…

    Read More »
  • Blog
    digitpatroxJanuary 25, 2025
    144

    Outdated Exchange servers fail to auto-mitigate security bugs

    Microsoft says outdated Exchange servers cannot receive new emergency mitigation definitions because an Office Configuration Service certificate type is being deprecated. Emergency mitigations (also known as EEMS mitigations) are delivered via the Exchange Emergency Mitigation Service(EEMS), introduced three years ago in September 2021. EEMS automatically applies interim mitigations for high-risk (and likely actively exploited) security flaws to secure on-premises Exchange…

    Read More »
  • Blog
    digitpatroxJanuary 15, 2025
    91

    SAP fixes critical vulnerabilities in NetWeaver application servers

    SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. As part of the January Security Patch Day, the vendor also released updates for other products to patch 12 additional issues rated with medium and high severity. “SAP strongly recommends that the customer visits the Support Portal and applies…

    Read More »
  • Blog
    digitpatroxJanuary 3, 2025
    98

    Over 3 million mail servers without encryption exposed to sniffing attacks

    Over three million POP3 and IMAP mail servers without TLS encryption are currently exposed on the Internet and vulnerable to network sniffing attacks. IMAP and POP3 are two methods for accessing email on mail servers. IMAP is recommended for checking emails from multiple devices, such as phones and laptops because it keeps your messages on the server and synchronizes them…

    Read More »
  • Blog
    digitpatroxNovember 28, 2024
    114

    Hackers exploit ProjectSend flaw to backdoor exposed servers

    Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a critical authentication bug impacting ProjectSend versions before r1720, allowing attackers to send specially crafted HTTP requests to ‘options.php’ to change the application’s configuration. Successful exploitation allows the creation of rogue…

    Read More »
Load More
Back to top button
close