servers

  • Blog

    Hackers exploit ProjectSend flaw to backdoor exposed servers

    Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a critical authentication bug impacting ProjectSend versions before r1720, allowing attackers to send specially crafted HTTP requests to ‘options.php’ to change the application’s configuration. Successful exploitation allows the creation of rogue…

  • Blog

    Steps to Secure Your Servers

    In today’s interconnected world, where data breaches and cyber threats are increasingly prevalent, securing server environments has become a top priority. Implementing server hardening is a proactive approach to enhancing security by minimizing vulnerabilities and protecting critical assets from unauthorized access and attacks. This guide will explore the various aspects of IT security hardening, including cybersecurity hardening, OS hardening, device…

  • Blog

    New NachoVPN attack uses rogue VPN servers to install malicious updates

    A set of vulnerabilities dubbed “NachoVPN” allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. AmberWolf security researchers found that threat actors can trick potential targets into connecting their SonicWall NetExtender and Palo Alto Networks GlobalProtect VPN clients to attacker-controlled VPN servers using malicious websites or documents in social engineering…

  • Blog

    Meet Interlock — The new ransomware targeting FreeBSD servers

    A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. Launched at the end of September 2024, Interlock has since claimed attacks on six organizations, publishing stolen data on their data leak site after a ransom was not paid. One of the victims is Wayne County,…

  • Blog

    Exploitation of Docker remote API servers has reached a “critical level”

    Hackers are exploiting unprotected Docker remote API servers to deploy malware, with researchers stating the threat has reached a “critical level” and warning organizations to act now. A report from Trend Micro published on 21 October details how researchers observed an unknown threat actor abusing exposed Docker remote API servers to deploy the ‘perfctl’ malware. The attack sequence begins with…

  • Blog

    Finland seizes servers of ‘Sipulitie’ dark web drugs market

    The Finnish Customs office took down the website and seized the servers for the darknet marketplace ‘Sipulitie’ where criminals sold illegal narcotics anonymously. The agency’s announcement earlier today says that the site catered to both Finnish and English-speaking users, and that its operator claimed a turnover of 1.3 million Euros (approximately $1.42 million). The operation was possible thanks to an international collaboration…

  • Blog

    Hackers abuse F5 BIG-IP cookies to map internal servers

    CISA is warning that threat actors have been observed abusing unencrypted persistent F5 BIG-IP cookies to identify and target other internal devices on the targeted network. By mapping out internal devices, threat actors can potentially identify vulnerable devices on the network as part of the planning stages in cyberattacks. “CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by…

  • Blog

    US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers

    U.S. and U.K. cyber agencies warned today that APT29 hackers linked to Russia’s Foreign Intelligence Service (SVR) target vulnerable Zimbra and JetBrains TeamCity servers “at a mass scale.” A joint advisory issued by the NSA, the FBI, the U.S. Cyber Command’s Cyber National Mission Force (CNMF), and the U.K.’s NCSC warns network defenders to patch exposed servers to block these ongoing…

  • Blog

    New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks

    An automated scanner has been released to help security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) RCE flaw tracked as CVE-2024-47176. The flaw, which enables attackers to perform arbitrary remote code execution if certain conditions are met, was disclosed late last month by the person who discovered it, Simone Margaritelli. Although its RCE aspect…

  • Blog

    6 Best Free SMTP Servers 2024

    Free SMTP servers are a valuable resource for individuals and small businesses looking to send emails without incurring additional costs. These servers allow users to send transactional and marketing emails through a reliable and secure platform. The best free services are actually the Free editions of paid systems. Here is our list of the best free SMTP servers: EmailSuccess EDITOR’S…
