Security News

VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks on vulnerable servers. vCenter Server is the central management hub for VMware's vSphere suite, and it helps administrators manage and monitor virtualized infrastructure.

QNAP took down a malicious server used in widespread brute-force attacks targeting Internet-exposed NAS devices with weak passwords. The Taiwanese hardware vendor detected the attacks on the evening of October 14 and, with assistance from Digital Ocean, took down the command-and-control server within two days.

A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available. Ukrainian Cyber Alliance hackers gained access to Trigona ransomware's infrastructure by using a public exploit for CVE-2023-22515, a critical vulnerability in Confluence Data Center and Server that can be leveraged remotely to escalate privileges.

Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux rootkit, crypto miners, and password-stealing scripts. In a new campaign called 'Qubitstrike,' the threat actors download malicious payloads to hijack a Linux server for cryptomining and to steal credentials for cloud services, such as AWS and Google Cloud.

According to complaints from Windows admins, the issue is triggered after installing KB5031361 and KB5031364 on Windows Server 2019 and Windows Server 2022 systems. When it released the buggy cumulative updates, the company revised the support document for KB5031364, including and removing a known issue related to VMware ESXi, describing boot issues encountered by guest VMs operating Windows Server 2022 with Secure Boot enabled.

A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal. Tracked as CVE-2023-43261 (CVSS...

An early ransomware campaign against organizations by exploiting the vulnerability in Progress Software's WS FTP Server was this week spotted by security researchers. Sophos X-Ops revealed on Thursday its customers have been targeted by ransomware criminals who lifted took their code from LockBit 3.0, which was leaked last year, shortly after this latest strain was created.

Learn how to use the scp command to transfer files securely with this step-by-step tutorial by expert Jack Wallen. If you regularly have to copy files from your desktop to another desktop or server, you might not want to use less secure protocols such as FTP. Fortunately, Secure Shell includes a command that makes copying files to and from a remote machine not only secure but fairly easy.

Internet-exposed WS FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks. "The ransomware actors didn't wait long to abuse the recently reported vulnerability in WS FTP Server software," Sophos X-Ops said.

The threat actors behind ShellBot are leveraging IP addresses transformed into its hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall...