Security News

AnyDesk says hackers breached its production servers, resets passwords
2024-02-02 22:16

AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. In a statement shared with BleepingComputer, AnyDesk says they first learned of the attack after detecting indications of an incident on their product servers.

BTC-e server admin indicted for laundering ransom payments, stolen crypto
2024-02-02 15:33

Aliaksandr Klimenka, a Belarusian and Cypriot national, has been indicted in the U.S. for his involvement in an international cybercrime money laundering operation. The U.S. DoJ alleged back then that the platform was used to launder funds stolen during the hack of Japanese crypto exchange platform Mt. Gox, as well as ransom payments for the Locky, Cerber, NotPetya, WannaCry, and Spora ransomware operations.

Interpol's latest cybercrime intervention dismantles ransomware, banking malware servers
2024-02-02 13:01

Interpol has arrested 31 people following a three-month operation to stamp out various types of cybercrime. Spanning 55 countries, from Albania to Australia, Operation Synergia identified more than 1,300 malicious servers, dismantling more than 70 percent of those used as part of command and control infrastructure that supported phishing, banking malware, and ransomware.

Interpol operation Synergia takes down 1,300 servers used for cybercrime
2024-02-02 12:56

An international law enforcement operation code-named 'Synergia' has taken down over 1,300 command and control servers used in ransomware, phishing, and malware campaigns. The Synergia operation identified and took down command and control servers between September and November 2023, with 60 law enforcement agencies from 55 countries participating in the operation.

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
2024-02-01 11:22

Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021. The development, which...

Jenkins jitters as 45,000 servers still vulnerable to RCE attacks after patch released
2024-01-30 17:45

The number of public-facing installs of Jenkins servers vulnerable to a recently disclosed critical vulnerability is in the tens of thousands. Trailing them are India, Germany, Republic of Korea, France, and the UK. The revelation of the vast attack surface comes days after multiple exploits were made public on January 26 - themselves released just two days after the coordinated disclosure from Jenkins and Yaniv Nizry, the researcher at Sonar who first discovered the vulnerability.

45k Jenkins servers exposed to RCE attacks using public exploits
2024-01-29 22:06

Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2023-23897, a critical remote code execution flaw for which multiple public proof-of-concept exploits are in circulation. Depending on the instance's configuration, attackers could decrypt stored secrets, delete items from Jenkins servers, and download Java heap dumps.

Microsoft releases first Windows Server 2025 preview build
2024-01-26 20:01

Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which comes with both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, Annual Channel for Container Host and Azure Edition.

Microsoft introduces flighting for Windows Server insiders
2024-01-26 19:02

Microsoft has launched flighting for Windows Server systems enrolled in its Windows Insider open software testing program. "If you have a recent Windows Server insider build installed, you can now go to Windows Update in Settings app, and check for updates. This will bring you a newer build, as a Feature update," said Microsoft software engineer Artem Pronichkin.

SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks
2024-01-25 14:23

Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called SystemBC. "SystemBC can be purchased on underground marketplaces and is supplied...