Security News

Backdoor Found in Utility for Linux, Unix Servers
2019-08-21 14:55

Backdoor was intentionally planted in 2018 and found during the DEF CON 2019 security conference when researchers stumbled upon malicious code.

Internet-Exposed Sphinx Servers at Risk of Attacks
2019-08-21 11:54

All Sphinx servers that are exposed to the Internet are prone to abuse by cybercriminals, as they can be accessed by anyone, CERT-Bund warns. read more

Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
2019-08-20 08:48

Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake...

Dear Planet Earth: Patch Webmin now – zero-day exploit emerges for potential hijack hole in server control panel
2019-08-19 20:28

Flawed code traced to home build system, vulnerability can be attacked in certain configs The maintainers of Webmin – an open-source application for system administration tasks on Unix-flavored...

Dear sysadmins: Patch Webmin now – zero-day exploit emerges for potential hijack hole in server control panel
2019-08-19 20:28

Flawed code traced to home build system, vulnerability can be attacked in certain configs The maintainers of Webmin – an open-source application for system administration tasks on Unix-flavored...

HTTP/2 Implementation Vulnerabilities Expose Servers to DoS Attacks
2019-08-14 11:48

Researchers at Netflix and Google have discovered a total of eight denial-of-service (DoS) vulnerabilities affecting various HTTP/2 implementations, including from major tech companies such as...

HTTP/2, Brute! Then fall, server. Admin! Ops! The server is dead
2019-08-14 09:02

Beware the denials of service: Netflix warns of eight networking bugs On Tuesday, Netflix, working in conjunction with Google and CERT/CC, published a security advisory covering a series of...

Don’t let the crooks ‘borrow’ your home router as a hacking server
2019-08-07 14:18

Crooks don't have to break *into* your network to benefit - they can bounce *off* it so you take the blame and look like a hacker yourself.

How the Air Force used a bug bounty program to hack its own cloud server
2019-08-07 14:14

The Air Force paid out $123,000 to researchers who found vulnerabilities in the organization's move to the cloud. Here's why.

Capital One's Breach May Be a Server Side Request Forgery
2019-08-05 12:48

SSRF Appears to Fit Scenario, But Details Are SlimCapital One's enormous data breach is a subject of intense scrutiny as well as fear. A definitive post mortem is likely months away. But security...