Security News
The internet constantly changes as new technologies are developed, and vulnerabilities are discovered. At the same time, organizations expand their operations that interact with the Internet.
An unknown attacker targeted tens of thousands of unauthenticated Redis servers exposed on the internet in an attempt to install a cryptocurrency miner. The SSH key is said to have been set on 15,526 out of 31,239 unauthenticated Redis servers, suggesting that the attack was attempted on "Over 49% of known unauthenticated Redis servers on the internet."
You may be familiar with some of the shortest internet domains used by major companies, such as m.me and fb. Although the vast majority of internet domains contain TLDs separated by one or more dots, turns out it's not a must for a domain.
Multiple security vulnerabilities have been disclosed in Baxter's internet-connected infusion pumps used by healthcare professionals in clinical environments to dispense medication to patients. The four vulnerabilities in question, discovered by cybersecurity firm Rapid7 and reported to Baxter in April 2022, affect the following Sigma Spectrum Infusion systems -.
Tens of thousands of internet-facing IP cameras made by China-based Hikvision remain unpatched and exploitable despite a fix being issued for a critical security bug nearly a year ago. Awarded a CVSS score of 9.8 of 10 in severity, the Hikvision bug was considered serious enough for the US Cybersecurity and Infrastructure Security Agency to add it to its list of "Must patch" security flaws early this year, adding that the vulnerability is already being exploited.
Google Chrome extension 'Internet Download Manager' installed by more than 200,000 users is adware. Although the extension may install a known and legitimate download manager program, BleepingComputer observed unwanted behavior exhibited by the extension-such as opening links to spammy sites, changing the default browser search engine, and further hounding the user with pop-ups asking them to download more "Patches" and unwanted programs.
Google Chrome extension 'Internet Download Manager' installed by more than 200,000 users is adware. Although the extension may install a known and legitimate download manager program, BleepingComputer observed unwanted behavior exhibited by the extension-such as opening links to spammy sites, changing the default browser search engine, and further hounding the user with pop-ups asking them to download more "Patches" and unwanted programs.
Elon Musk has written an article for the Cyberspace Administration of China's flagship magazine. "Chinese companies will be a force to be reckoned with in the cause of energy innovation," Musk opined in the article.
Like Private Internet Access, are expanding their ability to provide location shifting and creating a whole new reason for users to turn to VPNs. Here's an overview of the data privacy benefits of today's commercial VPN services and how PIA is elevating location shifting into the next must-have VPN feature. The core purpose of a VPN is to encrypt data as it passes through the networks that make up the internet.
A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking Cyber Risk and Readiness report has shown. Sixty-four percent of organizations have at least one device exposing this protocol to the public internet.