servers
Veeam RCE bug lets domain users hack backup servers, patch now
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. The flaw was disclosed yesterday and affects Veeam Backup & Replication version 12.3.0.310 and all earlier version 12 builds. The company fixed it in version 12.3.1 (build 12.3.1.1139), which was released yesterday. According to a technical writeup by watchTowr Labs, who…
Why government email servers are top targets for state-backed hackers
State-backed hackers have accelerated attacks on government email servers in recent years, and it’s a trend that experts told ITPro will only get worse. The prediction comes after a threat group with reported links to Chinese espionage activities breached email servers belonging to the Belgian intelligence agency. On Wednesday February 26th, the Belgian federal prosecutor announced it had launched a…
Elon Musk doesn’t work for DOGE, says White House as battle for government servers intensifies – Computerworld
Furthermore, “The intelligence team recommended the DOGE members be monitored as an insider threat. Critically, they called for “suspending” any access to payment systems and “conducting a comprehensive review of all actions they may have taken on these systems,” it continued. “Mr. Musk has gained sweeping and unprecedented access to sensitive data, information, systems, and technological and financial infrastructure across…
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster
The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform. Earlier this week, the authorities in the United States, Australia, and the United Kingdom announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations. Specifically, the operators of Zservers were accused of facilitating LockBit ransomware attacks and supporting…
Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. Trimble Cityworks is a Geographic Information System (GIS)-centric asset management and work order management software designed primarily for local governments, utilities, and public works organizations. The product helps municipalities and infrastructure…
Outdated Exchange servers fail to auto-mitigate security bugs
Microsoft says outdated Exchange servers cannot receive new emergency mitigation definitions because an Office Configuration Service certificate type is being deprecated. Emergency mitigations (also known as EEMS mitigations) are delivered via the Exchange Emergency Mitigation Service (EEMS), introduced three years ago in September 2021. EEMS automatically applies interim mitigations for high-risk (and likely actively exploited) security flaws to secure on-premises Exchange…
SAP fixes critical vulnerabilities in NetWeaver application servers
SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. As part of the January Security Patch Day, the vendor also released updates for other products to patch 12 additional issues rated with medium and high severity. “SAP strongly recommends that the customer visits the Support Portal and applies…
Over 3 million mail servers without encryption exposed to sniffing attacks
Over three million POP3 and IMAP mail servers without TLS encryption are currently exposed on the Internet and vulnerable to network sniffing attacks. IMAP and POP3 are two methods for accessing email on mail servers. IMAP is recommended for checking emails from multiple devices, such as phones and laptops, because it keeps your messages on the server and synchronizes them…
Hackers exploit ProjectSend flaw to backdoor exposed servers
Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a critical authentication bug impacting ProjectSend versions before r1720, allowing attackers to send specially crafted HTTP requests to ‘options.php’ to change the application’s configuration. Successful exploitation allows the creation of rogue…
Steps to Secure Your Servers
In today’s interconnected world, where data breaches and cyber threats are increasingly prevalent, securing server environments has become a top priority. Implementing server hardening is a proactive approach to enhancing security by minimizing vulnerabilities and protecting critical assets from unauthorized access and attacks. This guide will explore the various aspects of IT security hardening, including cybersecurity hardening, OS hardening, device…