Archive for the ‘server security’ Category
For the second time in just over a year, the city of Baltimore has been hit by a ransomware attack, affecting its computer network and forcing officials to shut down a majority of its computer servers as a precaution.
Ransomware works by encrypting files and locking them up so users can't access them. The attackers then demand a ransom amount, typically in Bitcoin digital currency, in
Posted in Baltimore, computer virus, cyber security, Malware attack, ransomware, ransomware attack, server security
Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday threats, like crypto-mining, phishing, and ransomware.
As suspected, a recently-disclosed critical vulnerability in the widely used Oracle WebLogic Server has now been spotted actively being exploited to distribute a
Posted in Cyber Attack, GandCrab ransomware, Malware attack, oracle, Oracle WebLogic Server, ransomware, ransomware attack, server hacking, server security
An unprotected database belonging to JustDial, India's largest local search service, is leaking, in real time, personally identifiable information of every customer who accessed the service via its website, mobile app, or even by calling its fancy "88888 88888" customer care number, The Hacker News has learned and independently verified.
Founded over two decades ago, JustDial (JD) is the
Posted in API Security, cyber security, data breach, data leaked, Database Security, hacking news, Just dial, mobile api security, server security, unprotected database, website security
The Apache Software Foundation (ASF) has released new versions of its Tomcat application server to address an important security vulnerability that could allow a remote attacker to execute malicious code and take control of an affected server.
Developed by ASF, Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications such as Java Servlet,
Posted in Apache, Apache exploit, Apache Server, Apache Tomcat, cyber security, hacking news, server security, Vulnerability
Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities.
The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Red Hat, Debian, and also comes bundled within some distributions and software as a default library
Posted in hacking linux, hacking news, libssh, libssh2, linux security, memory corruption vulnerability, secure shell, server security, ssh exploit, ssh hacking, Vulnerability
A massive amount of government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of sensitive files.
The unsecured storage server, discovered by Greg Pollock, a researcher with cybersecurity firm UpGuard, also contained decades' worth of confidential case files from the
Posted in Cyber Attack, Database Security, FBI, FBI investigation, government computers hacking, Oklahoma Securities Commission, server hacked, server security
A proof-of-concept (PoC) exploit for a critical vulnerability in the Network Time Protocol daemon (ntpd) has been publicly released that could allow anyone to crash a server with just a single maliciously crafted packet.
The vulnerability has been patched by the Network Time Foundation with the release of NTP 4.2.8p9, which includes a total of 40 security patches, bug fixes, and
Posted in ddos attack, Denial of Service, DoS vulnerability, exploit code, hacking news, network security, Network Time Protocol, NTP Server, Security patch, server security
Yes, you only need a single laptop with a decent internet connection, rather than a massive botnet, to launch overwhelming denial of service (DoS) attacks in order to bring down major Internet servers and modern-day firewalls.
Researchers at TDC Security Operations Center have discovered a new attack technique that lone attackers with limited resources (in this case, a laptop and at least 15Mbps
Posted in ddos attack, DDoS Botnet, ddos protection, ddos tool, denial-of-service attacks, dos attack, hacking news, server security
Over a month ago we reported about two critical zero-day vulnerabilities in the world’s 2nd most popular database management software MySQL:
MySQL Remote Root Code Execution (CVE-2016-6662)
Privilege Escalation (CVE-2016-6663)
At that time, Polish security researcher Dawid Golunski of Legal Hackers, who discovered these vulnerabilities, published technical details and proof-of-concept exploit
Posted in hacking database, hacking mysql, hacking news, MariaDB, MySQL, PerconaDB, privilege escalation, Remote code execution vulnerability, server hacking, server security, Vulnerability
If you think that the HTTP/2 protocol is more secure than the standard HTTP (Hypertext Transfer Protocol), then you might be wrong, as it took researchers just four months to discover four flaws in the HTTP/2 protocol.
HTTP/2 was properly launched only in May last year, after Google bundled its SPDY project into HTTP/2 in February in an effort to speed up the loading of web pages as well as
Posted in ddos attack, HTTP/2 Protocol, HTTPS, HTTPS encryption, network security, server security, SPDY Protocol, website security, Whats is HTTP/2 Protocol