European companies hit with highly customizable ransomware

Panda Security researchers have been following and analyzing ransomware attacks that have been targeting European businesses for a few months now, and have tied them to the same group. Their modus operandi is simple: they brute-force their way into companies’ Internet-facing remote desktop protocol (RDP) servers, and use the access these servers give them to target specific computers on the company network. What’s interesting about these attacks is that the attackers are deploying a ransomware …

Cyber criminals targeting healthcare orgs’ FTP servers

FBI’s Cyber Division has sent out another notification to healthcare organizations, alerting them to the danger of cyber criminals using their FTP servers for various malicious purposes. “The FBI is aware of criminal actors who are actively targeting File Transfer Protocol (FTP) servers operating in ‘anonymous’ mode and associated with medical and dental facilities to access protected health information (PHI) and personally identifiable information (PII) in order to intimidate, harass, and blackmail business owners,” says …

Deception security doesn’t have to be onerous or expensive

When talking about deception security, most infosec pros’ minds turn to honeypots and decoy systems – additional solutions that companies have to buy, deploy, and manage. But there are other ways to use deception to thwart attackers, and they do not require additional tools, pricy subscriptions, or the hiring of additional employees.

Free and (nearly) effortless deception security

Dr. Pedram Hayati, a partner in IT security services firm Elttam who has been conducting research in …

Security audit of Dovecot mailserver reveals good security practices

Dovecot – a popular open source IMAP and POP3 server for Linux/UNIX-like systems – is as secure as its developers claim it is. A security audit performed by German security outfit Cure53 revealed only three minor security issues, and they’ve all already been fixed. The audit, sponsored by Mozilla through its Open Source Support program, was performed by four code and penetration testers over the course of twenty days. They tested version 2.2.26.0 of …

Authorities Just Shut Down One of the World’s Largest Malware Networks

More than 800,000 domains were seized, sinkholed, or blocked in ‘Operation Avalanche’, an effort by law enforcement authorities and researchers in 30 countries.

Microsoft Shares New Azure Server Specs

Take a look at Microsoft’s newest contribution to the Open Compute Project (OCP), which gives us a peek behind the curtain and suggests what the next generation of Azure hosts will look like.

The post Microsoft Shares New Azure Server Specs appeared first on Petri.

Quickly audit and adjust SSH server configurations with SSH-audit

SSH-audit is a standalone open source tool for auditing and fixing SSH server configurations. It has no dependencies and will run wherever Python is available. It supports OpenSSH, Dropbear SSH and libssh, and reports on every detail of the tested SSH server, including detailed information about used algorithms and security related information. “For each algorithm, it will state the security level (warning or failure), reasoning behind the assigned state, and historic information about the algorithm’s …

Compromising Linux virtual machines via FFS Rowhammer attack

A group of Dutch researchers have demonstrated a variant of the Rowhammer attack that can be used to successfully compromise Linux virtual machines on cloud servers. The Flip Feng Shui (FFS) attack is not performed by triggering a software vulnerability. Instead, it relies on exploiting the widespread Rowhammer DRAM glitch to induce bit flips in controlled physical memory pages, and on Linux’s memory deduplication system. A short version of the attack sequence goes like this: …