A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals.Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message … [Read more...] about Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages
Servers
New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers
If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely.The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the … [Read more...] about New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers
Facebook Patches “Memory Disclosure Using JPEG Images” Flaws in HHVM Servers
Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file.The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by … [Read more...] about Facebook Patches “Memory Disclosure Using JPEG Images” Flaws in HHVM Servers
Exim TLS Flaw Opens Email Servers to Remote ‘Root’ Code Execution Attacks
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers.Exim maintainers today released Exim version 4.92.2 after publishing an early warning two days ago, giving system administrators a heads-up on its upcoming security patches that … [Read more...] about Exim TLS Flaw Opens Email Servers to Remote ‘Root’ Code Execution Attacks
BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks
Enterprise servers powered by Supermicro motherboards can remotely be compromised by virtually plugging in malicious USB devices, cybersecurity researchers at firmware security company Eclypsium told The Hacker News.Yes, that's correct. You can launch all types of USB attacks against vulnerable Supermicro servers without actually physically accessing them or waiting for your … [Read more...] about BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks
Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers.Instead, it was secretly planted by an unknown hacker who successfully managed to inject a backdoor at some point in its build infrastructure—that surprisingly … [Read more...] about Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers
Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people.According to multiple sources in local Bulgarian media, an unknown hacker earlier this week emailed them download links to 11GB of stolen data which included … [Read more...] about Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers
New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide
Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet.Dubbed GoldBrute, the botnet scheme has been designed in a way to escalate gradually by adding every new cracked system to its network, forcing them to further find new available RDP servers … [Read more...] about New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide
Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware
Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide.Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has already infected nearly 50,000 servers and are installing a sophisticated kernel-mode … [Read more...] about Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware
Baltimore City Shuts Down Most of Its Servers After Ransomware Attack
For the second time in just over a year, the city of Baltimore has been hit by a ransomware attack, affecting its computer network and forcing officials to shut down a majority of its computer servers as a precaution.Ransomware works by encryption files and locking them up so users can't access them. The attackers then demand a ransom amount, typically in Bitcoin digital … [Read more...] about Baltimore City Shuts Down Most of Its Servers After Ransomware Attack