Security News

Unpatched VPN Servers Hit by Apparent Iranian APT Groups
2020-02-18 11:03

Now, security firm ClearSky says that at least three advanced persistent threat groups, all with apparent ties to the Iranian government, have been joining the fray and hitting unpatched Fortinet, Pulse Secure and Palo Alto Networks VPN servers and Citrix remote gateways. Specific flaws needing to be patched include CVE-2019-11510 in Pulse Secure's VPN SSL servers, CVE-2018-13379 in Fortigate's SSL VPN servers, and CVE-2019-1579 in Palo Alto Network VPN servers, all of which ClearSky says Fox Kitten is now exploiting.

12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks
2020-02-11 12:23

A vulnerability in 12,000+ internet-facing Jenkins servers can be abused to mount and amplify reflective DDoS attacks against internet hosts, Radware researchers have discovered. The vulnerability can also be triggered by a single, spoofed UDP packet to launch DoS attacks against those same vulnerable Jenkins servers, by forcing them into an infinite loop of replies that can't be stopped unless one of the servers is rebooted or has its Jenkins service restarted.

NCP Secure Enterprise Management Server now supports 2FA through a web interface
2020-02-06 02:30

NCP engineering released version 5.30 of the Secure Enterprise Management Server, a central component of the NCP Next Generation Network Access Technology that serves as a single point of administration. With the NCP Secure Enterprise Management Server version 5.30, a Time-based One-time Password generated through the NCP Authenticator App can be used as an alternative to NCP's Advanced Authentication via SMS as a second factor.

UN hacked via unpatched SharePoint server
2020-01-31 13:04

The UN suffered a major data breach last year after it failed to patch a Microsoft SharePoint server, it emerged this week. According to the outlet, internal UN staffers announced the compromise on 30 August 2019, explaining that the "Entire domain" was probably compromised by an attacker who was lurking on the UN's networks.

Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers
2020-01-30 04:01

Cybersecurity researchers at Check Point today disclosed details of two recently patched potentially dangerous vulnerabilities in Microsoft Azure services that, if exploited, could have allowed hackers to target several businesses that run their web and mobile apps on Azure. According to a report researchers shared with The Hacker News, the first security vulnerability is a request spoofing issue that affected Azure Stack, a hybrid cloud computing software solution by Microsoft.

Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers
2020-01-30 01:07

Cybersecurity researchers have discovered a new critical vulnerability in the OpenSMTPD email server that could allow remote attackers to take complete control over BSD and many Linux based servers. OpenSMTPD is an open-source implementation of the server-side SMTP protocol that was initially developed as part of the OpenBSD project but now comes pre-installed on many UNIX-based systems.

PoC Exploits Created for Recently Patched 'BlueGate' Windows Server Flaws
2020-01-27 12:49

Proof-of-concept exploits have been released for two recently patched Remote Desktop Gateway vulnerabilities that can be exploited for remote code execution. Remote Desktop Gateway is a Windows Server component previously known as Terminal Services Gateway.

Citrix ships patches as vulnerable servers come under attack
2020-01-21 12:32

Citrix has issued its first set of patches fixing a nasty vulnerability that's been hanging over some of its biggest products. Patches for ADC and Citrix Gateway 11.1 and 12.0 were made available on 19 January with versions 12.1, 10.5, and 13.0 to follow on 24 January.

'Nice guy' hackers are seemingly fixing the Citrix server hole, but leaving a nasty present behind
2020-01-17 19:49

Hackers exploiting the high-profile Citrix CVE-2019-19781 flaw to compromise VPN gateways are now patching the servers to keep others out. Researchers at FireEye report finding a hacking group that has been bundling mitigation code for NetScaler servers with its exploits.

'Friendly' hackers are seemingly fixing the Citrix server hole – and leaving a nasty present behind
2020-01-17 19:49

Hackers exploiting the high-profile Citrix CVE-2019-19781 flaw to compromise VPN gateways are now patching the servers to keep others out. Researchers at FireEye report finding a hacking group that has been bundling mitigation code for NetScaler servers with its exploits.