Security News

As you can probably tell from the name, it involves Windows - everyone else talks about logging in, but on Windows you've always very definitely logged on - and it is an authentication bypass, because it lets you get away with using a zero-length password. On a Windows network, the secret component is the domain password of the computer you're connecting from.

A server misconfiguration has resulted in data pertaining to thousands of Razer customers being exposed to the Internet. A Singaporean-American manufacturer of gaming hardware, software, and systems, Razer also provides e-sports and financial services to its customers.

Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron's mobile device management solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers. The vulnerabilities were identified by researchers at security consulting firm DEVCORE and they were reported to MobileIron in early April.

According to the IDC Worldwide Quarterly Server Tracker, vendor revenue in the worldwide server market grew 19.8% year over year to $24.0 billion during the second quarter of 2020. Worldwide server shipments grew 18.4% year over year to nearly 3.2 million units in 2Q20. In terms of server class, volume server revenue was up 22.1% to $18.7 billion, while midrange server revenue declined 0.4% to about $3.3 billion and high-end systems grew by 44.1% to $1.9 billion.

According to Kaspersky, these attackers are increasingly diversifying their arsenals to include Linux tools, giving them a broader reach over the systems they can target. Many organisations choose Linux for strategically important servers and systems, and with a "significant trend" towards using Linux as a desktop environment by big business as well as government bodies, attackers are in turn developing more malware for the platform.

September sees a bundle of 129 CVE-listed flaws patched by Microsoft. Of the nearly two-dozen critical patches, Zero Day Initiative's Dustin Childs says that far and away the most serious is CVE-2020-16875, a memory object error in Exchange Server that allows a poisoned email to execute code with System clearance.

Speaking at the 2020 Disclosure conference, Jones outlined how the trust many developers put in their software stacks and shared code, paired with a disturbing lack of online savvy, can make them easy pickings for hackers. "Systems are generally hardened - they have patches, they have firewalls, they have monitoring," Jones explained, "but [some] developers will run literally any bullshit they find on Stack Overflow. They keep credentials lying about, they're obviously going to have the source code and some production data sitting on their hardware as well."

Cryptomining activity used to monetize compromised servers. While cryptomining activity may not cause disruption or financial losses on its own, mining software is usually deployed to monetize compromised servers that are sitting idle while criminals plot larger money-making schemes.

If you're looking for a platform to help with the collection and sharing of cybersecurity events, you need not look any further than MISP. Jack Wallen shows you how to install this tool.

Apache recently fixed multiple vulnerabilities in its web server software that could have potentially led to the execution of arbitrary code and, in specific scenarios, could even allow attackers to cause a crash and denial of service. The first of the three issues involves a possible remote code execution vulnerability due to a buffer overflow with the "mod_uwsgi" module, potentially allowing an adversary to view, change, or delete sensitive data depending on the privileges associated with an application running on the server.