Security News

Acer confirms server intrusion after miscreant offers 160GB cache of stolen files
2023-03-08 01:12

Acer has confirmed someone broke into one of its servers after a miscreant put up for sale a 160GB database of what's claimed to be the Taiwanese PC maker's confidential information. "We have recently detected an incident of unauthorized access to one of our document servers for repair technicians," an Acer spokesperson told The Register on Tuesday.

Shein's Android App Caught Transmitting Clipboard Data to Remote Servers
2023-03-07 07:42

An older version of Shein's Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server. The Microsoft 365 Defender Research Team said it discovered the problem in version 7.9.2 of the app that was released on December 16, 2021.

New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers
2023-03-02 11:39

Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. The attack chain commences with targeting insecure Redis deployments, followed by registering a cron job that leads to arbitrary code execution when parsed by the scheduler.

Microsoft: For better security, scan more Exchange server objects
2023-02-26 09:00

Microsoft is recommending that Exchange server users scan certain objects for viruses and other threats that until now had been excluded. Microsoft late last month urged Exchange server users to make sure their systems are up-to-date with the latest Cumulative and Security updates and hardened against cyberattacks.

Sensitive DoD emails exposed by unsecured Azure server
2023-02-23 19:30

A hole in a Department of Defense email server operated by Microsoft left more than a terabyte of sensitive data exposed less than a month after Office 365 was awarded a higher level of US government security accreditation. According to security researcher Anurag Sen, who discovered the issue and shared it, the openly accessible server was part of an internal mailbox system hosted on Azure Government Cloud and used by the DoD for a variety of purposes - including the processing of security clearance paperwork.

Hackers now exploit critical Fortinet bug to backdoor servers
2023-02-22 19:06

Threat actors are targeting Internet-exposed Fortinet appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution. These attacks come one day after Horizon3 security researchers released proof-of-concept exploit code for the critical-severity flaw that will add a cron job to initiate a reverse shell on compromised systems as the root user.

Emergency VMware ESXi update fixes Windows Server 2022 VM boot issues
2023-02-21 19:05

VMware has released a vSphere ESXi update that addresses a known issue causing some Windows Server 2022 virtual machines to no longer boot after installing this month's KB5022842 update. Microsoft first acknowledged the issue on Thursday when the company said it only impacts VMs with Secure Boot enabled and running on vSphere ESXi 6.7 U2/U3 or vSphere ESXi 7.0.x. Although Redmond says that only VMware ESXi VMs are affected, some Windows admin reports hint at other hypervisor platforms being impacted by similar boot problems after deploying this month's updates.

Cry Havoc and let slip dogs of war ... there's an upgraded malware server in town
2023-02-17 10:30

ReversingLabs wrote about Havoc earlier this month in connection with a malicious npm package called Aabquerys, noting that it was created by a malware developer called C5pider. Now researchers with Zscaler's ThreatLabz threat intelligence unit say Havoc is being used in a campaign targeting a government organization.

VMware, Windows 11 shafted by Windows Server 2022
2023-02-16 20:30

Microsoft is sorting through two issues with Windows Server 2022 that affect VMware virtual machines and updates not getting passed on to Windows 11 devices. Both problems are related to the KB5022842 security update to Windows Server 2022 rolled out February 14 and will spread their share of headaches to users.

Hackers backdoor Microsoft IIS servers with new Frebniis malware
2023-02-16 16:38

Hackers are deploying a new malware named 'Frebniss' on Microsoft's Internet Information Services that stealthily executes commands sent via web requests. Microsoft IIS is a web server software that acts as a web server and a web app hosting platform for services like Outlook on the Web for Microsoft Exchange.