Servers News, Articles and Updates

Safe and secure — how KVM solutions can improve cyber-security efforts

As an additional layer that sits on top of a business' infrastructure, KVM (keyboard, video, mouse) solutions are often seamlessly integrated within the workflows and processes of employees, and can deliver numerous benefits.

Bitcoin stealing malware distributed on download.com for nearly a year

Bitcoin stealing malware that swaps user accounts with that of the attacker was found to be hosted on Download.com servers for nearly a year.

New York hospital data breach, 135,000 patients potentially affected

In the US a New York hospital suffered a data breach affecting about 135,000 patients when an unauthorised party gained access to its servers.

New cryptojacking attack uses Redis and NSA exploits to infect machines

Security researchers have revealed an extremely complex cryptojacking attack dubbed RedisWannaMine. Researchers say RedisWannaMine is aimed at both database servers and application servers.

Old version of HPE Lights-Out server management contains DoS vulnerability

Hewlett Packard Enterprise has disclosed the discovery of a serious vulnerability in a previous version of its Lights-Out 3 embedded server management technology, which could be remotely exploited to trigger a DoS condition.

Misconfigured memcached server DDoS threat is too powerful to be ignored

DDoS threat actors have started to exploit a known problem with unsecured Memcache servers to launch hugely powerful attacks with little in the way of resource investment required.

'First true' native IPv6 DDoS attack spotted in wild

First in-the-wild DDOS IPV6 attack hits servers, with portents of more to come. The DNS dictionary attack originated from around 1,900 different native IPv6 hosts, on more than 650 different networks.

Double cryptominer delivered via Oracle server exploit

Threat actors exploited the CVE-2017-10271 vulnerability which allows for remote code execution to deliver both a 64-bit variant and a 32-bit variant of an XMRig Monero miner, according to a 26 February blog post.

Apple's China-based iCloud data centre raises privacy, human rights fears

Human rights activists are concerned that the Chinese government's regulation requiring that Apple host its citizen's iCloud accounts on servers in China could make it easier for that nation to track down dissenters.

Tesla's AWS servers hijacked by cryptominers

The hijacking of Tesla's Amazon Web Server cloud system by rogue cryptominers is proof that no one is immune to a misconfigured AWS server nor cryptomining attacks.

Open AWS S3 bucket exposes private info on thousands of Fedex customers

In what has become an alarmingly routine occurrence, an unsecured Amazon S3 server - this time affiliated with FedEx - has exposed personal information of tens of thousands of users.

Criminals ramps up server-side attacks

Hackers are increasingly turning to server-side attacks, according to a new report. Report notes fall in use of client-side exploit kits.

Is UDPoS 'mag-stripe DNS exfiltration' malware dumb, or dumber?

US remains a target as researchers at Forcepoint Labs uncovered possibly the first new PoS malware for two years. Named UDPoS, courtesy of how it relies upon User Datagram Protocol (UDP) DNS traffic for the exfiltration of data.

Evolving Hancitor downloader found, relying on malicious hosted servers

Despite its relatively small pool of viable targets, the malicious Windows-based downloader Hancitor continues to surface in malspam campaigns that recently have relied heavily on distribution servers.

JenX botnet using video game to recruit IoT devices

Security researchers have found a new botnet that uses flaws connected to the Satori botnet and uses hosting services running multiplayer versions of Grand Theft Auto to infect IoT devices.

NotPetya attack totally destroyed Maersk's computer network: chairman

Shipping giant and NotPetya victim Maersk was forced to replace tens of thousands of servers and computers in the aftermath of the 17 June ransomware attack, the company's charman said in Davos at the World Economic Forum.

Monero crypto miner leveraging Apache Struts vulnerability

Cryptocurrency miners have begun using two older and already patched vulnerabilities to compromise servers to mine the Monero digital currency.

Cryptocurrency miners target web servers with malware

RubyMiner malware plants XMRig on vulnerable systems. Security researchers have discovered malware aimed at Linux and Windows servers running to mine cryptocurrency.

Misconfigured Amazon S3 server leaks Australian Broadcasting Corporation

As misconfigured Amazon servers continue to leak sensitive data Australian Broadcasting Corporation (ABC) is the latest culprit of administrators not properly securing their cloud servers.

Amazon takes steps to reduce S3 misconfiguration leaks

Amazon is taking action to combat the recent wave of its Amazon S3 server being left misconfigured subsequently exposing potentially sensitive data.

Another misconfigured Amazon S3 server leaks data of 50,000 Australians

Another misconfigured Amazon server has resulted in the exposure of personal data - this time on 50,000 Australian employees that were left unsecure by a third-party contractor.

Researchers find 7 percent of all Amazon S3 servers exposed

A recent study by SkyHigh Networks found seven percent of all Amazon S3 servers are exposed which may explain a recent surge of data leaks in the last few months including the information on 198 million American voters.

Email server vulnerability detection - a best practice checklist

By following best practices and incorporating security measures when setting up an email server, you will be able to protect yourself from the most frequent and dangerous scenarios says Marcell Gogan.

'ShadowPad' attack sabotaged NetSarang software with backdoor

Attackers secretly modified at least five software packages distributed by network connectivity and server management solutions provider NetSarang in order to infect its business users with modular backdoor spyware.

Zero-day on Windows Server 2003 could affect up to 600,000 servers

Hackers are said to be rushing to develop exploits as Microsoft says it won't patch flaw in Internet Information Services (IIS) 6.0 on Windows Server 2003.

Apache Struts vulnerability being exploited by attackers

Starting last Thursday (9 March 2017), AlienVault has seen a high number of attackers trying to exploit this vulnerability and recommends patching as soon as possible.

Imgur suffers DDoS attack on 4chan and 8chan servers

Imgur, the photo-sharing website, has been exploited in a distributed denial-of-service (DDoS) attack.