Faulty TLS implementation opens VISA sites, users to attack

A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these servers belong to the credit card company VISA, the Polish banking association ZBP, and the German stock exchange. They are vulnerable to these attacks because they used a duplicate cryptographic nonce with the AES-GCM cipher during the TLS handshake between the browser and the HTTPS-protected sites. This means …

Attackers keep flinging assorted ImageMagick 0day exploits

It’s been a week since the existence of several flaws affecting the popular image processing library ImageMagick was made public. At the time, one of these, an easy-to-trigger remote code execution vulnerability (CVE-2016-3714), was already being exploited in attacks in the wild. The bug has been patched in ImageMagick versions 7.0.1-2 and 6.9.4-0 that were pushed out on Friday, but according to Sucuri Security and CloudFlare, attackers still hope not all web …

Web servers and sites under attack via ImageMagick zero-day flaw

A zero-day remote code execution flaw has been found in ImageMagick, an image processing library that allows image uploads from untrusted users (site visitors) and is widely used by web services (social media, blogging sites, etc.). The flaw (CVE-2016-3714) is extremely easy to take advantage of – a booby-trapped image file carrying an exploit that forces the ImageMagick software to run malicious code on the server will do the trick. What’s more, it …

Over 3 million servers running outdated JBoss software open to attack

Spurred by the recent discovery that the Samas (aka SamSam) ransomware is being spread via compromised servers running out-of-date versions of Red Hat’s JBoss server software, Cisco Talos researchers have begun scanning the Internet for machines that might be at risk. They found approximately 3.2 million vulnerable machines, but also a considerable number that are already compromised: 2,100 backdoors have already been installed across nearly 1600 IP addresses. Another way into the …

Cisco UCS servers can be hijacked with malicious HTTP request

A data center server platform running Cisco’s Unified Computing System (UCS) Central Software can be compromised by unauthenticated, remote attackers with a single, malicious HTTP request, security researcher Gregory Draperi has discovered. The Cisco UCS platform was designed to help organizations efficiently manage distributed Cisco UCS servers at scale. Cisco UCS Central Software helps manage multiple Cisco UCS domains. The vulnerability (CVE-2016-1352) is present in the product’s web framework, and it’s due to improper input …