Security News

A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide
2020-08-19 10:05

Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer botnet written in Golang that has been actively targeting SSH servers since January 2020. Called "FritzFrog," the modular, multi-threaded and file-less botnet has breached more than 500 servers to date, infecting well-known universities in the US and Europe, and a railway company, according to a report released by Guardicore Labs today.

A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide
2020-08-19 03:16

Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer botnet written in Golang that has been actively targeting SSH servers since January 2020. Called "FritzFrog," the modular, multi-threaded and file-less botnet has breached more than 500 servers to date, infecting well-known universities in the US and Europe, and a railway company, according to a report released by Guardicore Labs today.

Vulnerability Allowing Full Server Takeover Found in Concrete5 CMS
2020-08-18 15:35

A remote code execution vulnerability addressed recently in Concrete5 exposed numerous websites to attacks, Edgescan reports. What Edgescan discovered was an RCE flaw in Concrete5 that could have allowed an attacker to inject a reverse shell into vulnerable web servers, thus taking full control of them.

Critical Jenkins Server Vulnerability Could Leak Sensitive Information
2020-08-18 09:55

Jenkins-a popular open-source automation server software-published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed. "Jenkins bundles Winstone-Jetty, a wrapper around Jetty, to act as HTTP and servlet server when started using java -jar jenkins.war. This is how Jenkins is run when using any of the installers or packages, but not when run using servlet containers such as Tomcat," read the advisory.

Citrix Warns of Critical Flaws in XenMobile Server
2020-08-12 15:17

The flaws exist in Citrix Endpoint Management, often referred to as XenMobile Server, which enables businesses to manage employees' mobile devices and mobile applications by controlling device security settings and updates. Specifically impacted at a critical level by the dual vulnerabilities is: XenMobile Server 10.12 before RP2, XenMobile Server 10.11 before RP4, XenMobile Server 10.10 before RP6 and XenMobile Server before 10.9 RP5. The remaining three flaws are rated medium- and low-severity.

If you haven't yet patched this critical hole in SAP NetWeaver Application Server, today is not your day
2020-08-12 09:59

We hope you've patched CVE-2020-6262, aka note 2835979, that affects SAP NetWeaver Application Server ABAP, because the folks who found and reported the vulnerability are going public with the details. The infosec biz's Alexander Meier and Fabian Hag found the security hole and reported it to SAP in April.

Intel Patches Many Privilege Escalation Vulnerabilities in Server Boards
2020-08-12 08:22

Intel informed customers on Tuesday that it has patched many potentially serious privilege escalation vulnerabilities in its Server Board products. One advisory published by the tech giant describes over 20 vulnerabilities affecting Intel Server Boards, Server Systems and Compute Modules.

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules
2020-08-11 20:02

Intel is warning of a rare critical-severity vulnerability affecting several of its motherboards, server systems and compute modules. Beyond this critical flaw, Intel also fixed bugs tied to 22 critical-, high-, medium- and low-severity CVEs affecting its server board, systems and compute modules.

Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers)
2020-08-11 13:17

Citrix today released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management, also known as XenMobile, a product made for enterprises to help companies manage and secure their employees' mobile devices remotely. Citrix Endpoint Management offers businesses mobile device management and mobile application management capabilities.

Doki Backdoor Infiltrates Docker Servers in the Cloud
2020-07-30 17:00

A fresh Linux backdoor called Doki is infesting Docker servers in the cloud, researchers warn, employing a brand-new technique: Using a blockchain wallet for generating command-and-control domain names. The campaign starts with an increasingly common attack vector: The compromise of misconfigured Docker API ports.