Collaborate Disseminate
It’s now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers.
Why the urgency? Earlier today, multiple groups publicly re… Continue reading PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability
Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and most severe could allow remote attackers to compromise a targeted syst… Continue reading Dozens of Severe Flaws Found in 4 Popular Open Source VNC Software
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called “Delegated Credentials for TLS.”
Delegated Credentials for TLS is a new simplified way … Continue reading Explained: How New ‘Delegated Credentials’ Boosts TLS Protocol Security
A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate c… Continue reading New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers.
Exim maintainers today released Exim version 4.9… Continue reading Exim TLS Flaw Opens Email Servers to Remote ‘Root’ Code Execution Attacks
Front-end JavaScript-based credit card stealing malware has garnered a lot of attention within the security community. This makes sense, since the “swipers” can be easily detected by simply scanning the web pages of e-commerce sites.
Howev… Continue reading Autoloaded Server-Side Swiper
A German security researcher has publicly disclosed details of a serious vulnerability in one of the most popular FTP server applications, which is currently being used by more than one million servers worldwide.
The vulnerable software in question is… Continue reading A New ‘Arbitrary File Copy’ Flaw Affects ProFTPD Powered FTP Servers
Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU, which is not unusual when a cryptominer process is running without any throttling.
Below is an example … Continue reading Cryptomining Dropper and Cronjob Creator
For the second time in just over a year, the city of Baltimore has been hit by a ransomware attack, affecting its computer network and forcing officials to shut down a majority of its computer servers as a precaution.
Ransomware works by encryption fi… Continue reading Baltimore City Shuts Down Most of Its Servers After Ransomware Attack
Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware.
As suspected, a recently-… Continue reading Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware