Security News
A newly discovered Golang-based botnet malware scans for and infects web servers running phpMyAdmin, MySQL, FTP, and Postgres services. According to researchers with Palo Alto Networks' Unit 42, who first spotted it in the wild and dubbed it GoBruteforcer, the malware is compatible with x86, x64, and ARM architectures.
A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking Cyber Risk and Readiness report has shown. Sixty-four percent of organizations have at least one device exposing this protocol to the public internet.
Stor-a-File, a British data capture and storage company, suffered a ransomware attack in August that exploited an unpatched instance of SolarWinds' Serv-U FTP software. "The medical company used Stor-a-file for the scanning of paper documents including medical records," our reader told us.
Mozilla has completely removed support for the File Transfer Protocol from the latest release of its flagship Firefox web browser. FTP has been abused in various malware distribution campaigns, some of which involved the compromise of FTP servers to leverage the protocol for payload delivery.
Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials. With Microsoft Edge 88.0.705.50 now rolling out, users get a built-in strong password generator that allows them to easily set up new passwords when signing up for new accounts or when changing the old passwords.
Google has released Chrome 88 today, January 19th, 2021, to the Stable desktop channel, and it includes security improvements and the long-awaited removal of Adobe Flash Player. Chrome 88 is now promoted to the Stable channel, Chrome 89 is the new Beta version, and Chrome 90 will be the Canary version.
In a message to The Register, Kumar said that on November 19, 2019, he told SolarWinds "Their update server was accessible with the password 'solarwinds123' which is leaking in the public Github repo. They fixed the issue and replied to me on." Using the exposed account name and password, he was able to upload a file to prove the system was insecure, he said he wrote in his report to SolarWinds, adding that a hacker could use the credentials to upload a malicious executable and add it to a SolarWinds update.
Google has decided to keep support for the File Transfer Protocol in Chrome a bit longer, after initially saying it would completely remove it in Chrome 82. Due to the lack of support for secure connections or proxies, the implementation of FTP in Chrome creates security risks for users.
Firefox Extended Support Release will continue to have FTP turned on by default in ESR version 78. A part of the FTP code is very old, unsafe and hard to maintain and we found a lot of security bugs in it in the past.
Mozilla is getting ready to remove support for the File Transfer Protocol from the Firefox web browser due to security concerns. The Internet giant aims to completely remove support for FTP in Chrome 82.