Security News

An early ransomware campaign against organizations by exploiting the vulnerability in Progress Software's WS FTP Server was this week spotted by security researchers. Sophos X-Ops revealed on Thursday its customers have been targeted by ransomware criminals who lifted took their code from LockBit 3.0, which was leaked last year, shortly after this latest strain was created.

Learn how to use the scp command to transfer files securely with this step-by-step tutorial by expert Jack Wallen. If you regularly have to copy files from your desktop to another desktop or server, you might not want to use less secure protocols such as FTP. Fortunately, Secure Shell includes a command that makes copying files to and from a remote machine not only secure but fairly easy.

Internet-exposed WS FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks. "The ransomware actors didn't wait long to abuse the recently reported vulnerability in WS FTP Server software," Sophos X-Ops said.

The threat actors behind ShellBot are leveraging IP addresses transformed into its hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall...

Windows Server 2012 and multiple editions of Windows 11, version 21H2, have reached the end of support with this month's Patch Tuesday.Even though Windows Server 2012's mainstream support ended more than four years ago in October 2018, Microsoft extended the end date for extended support by five years to provide customers additional time to transition to newer, supported versions of Windows Server.

Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. The attacks Microsoft observed start with exploiting an SQL injection vulnerability in an application in the target's environment.

Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. "The attackers initially exploited a SQL...

The TorchServe flaws discovered by the Oligo Security research team can lead to unauthorized server access and remote code execution on vulnerable instances. Due to insecure deserialization in the SnakeYAML library, attackers can upload a model with a malicious YAML file to trigger remote code execution.

Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities in WS FTP Server, another popular secure file transfer solution. CVE-2023-40044 is a.NET deserialization vulnerability that could allow an unauthenticated threat actor to execute remote commands on the underlying WS FTP Server operating system, and can be exploited via a HTTPS POST request.

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of...