Cybersecurity researchers today issued a security advisory warning enterprises and governments across the globe to immediately patch a highly-critical remote code execution vulnerability affecting F5's BIG-IP networking devices running application security servers.The vulnerability, assigned CVE-2020-5902 and rated as critical with a CVSS score of 10 out of 10, could let remote … [Read more...] about Critical RCE Flaw (CVSS 10) Affects F5 BIG-IP Application Security Servers
Servers
Company Detected Years-Long Breach Only After Hacker Maxed Out Servers’ Storage
What could be even worse than getting hacked?It's the "failure to detect intrusions" that always results in huge losses to the organizations.Utah-based technology company InfoTrax Systems is the latest example of such a security blunder, as the company was breached more than 20 times from May 2014 until March 2016.What's ironic is that the company detected the breach only after … [Read more...] about Company Detected Years-Long Breach Only After Hacker Maxed Out Servers’ Storage
Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals.Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message … [Read more...] about Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages
New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers
If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely.The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the … [Read more...] about New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers
Facebook Patches “Memory Disclosure Using JPEG Images” Flaws in HHVM Servers
Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file.The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by … [Read more...] about Facebook Patches “Memory Disclosure Using JPEG Images” Flaws in HHVM Servers
Exim TLS Flaw Opens Email Servers to Remote ‘Root’ Code Execution Attacks
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers.Exim maintainers today released Exim version 4.92.2 after publishing an early warning two days ago, giving system administrators a heads-up on its upcoming security patches that … [Read more...] about Exim TLS Flaw Opens Email Servers to Remote ‘Root’ Code Execution Attacks
BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks
Enterprise servers powered by Supermicro motherboards can remotely be compromised by virtually plugging in malicious USB devices, cybersecurity researchers at firmware security company Eclypsium told The Hacker News.Yes, that's correct. You can launch all types of USB attacks against vulnerable Supermicro servers without actually physically accessing them or waiting for your … [Read more...] about BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks
Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers.Instead, it was secretly planted by an unknown hacker who successfully managed to inject a backdoor at some point in its build infrastructure—that surprisingly … [Read more...] about Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers
Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people.According to multiple sources in local Bulgarian media, an unknown hacker earlier this week emailed them download links to 11GB of stolen data which included … [Read more...] about Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers
New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide
Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet.Dubbed GoldBrute, the botnet scheme has been designed in a way to escalate gradually by adding every new cracked system to its network, forcing them to further find new available RDP servers … [Read more...] about New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide