Security News

Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)
2023-02-03 09:57

Australian software maker Atlassian has released patches for CVE-2023-22501, a critical authentication vulnerability in Jira Service Management Server and Data Center, and is urging users to upgrade quickly. "Installing a fixed version of Jira Service Management is the recommended way to remediate this vulnerability. If you are unable to immediately upgrade Jira Service Management, you can manually upgrade the version-specific servicedesk-variable-substitution-plugin JAR file as a temporary workaround," they advised.

New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
2023-02-02 06:47

At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "Elusive and severe threat" dubbed HeadCrab since early September 2021. The findings come two months after the cloud security firm shed light on a Go-based malware codenamed Redigo that has been found compromising Redis servers.

New HeadCrab malware infects 1,200 Redis servers to mine Monero
2023-02-01 23:56

New stealthy malware designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021 to build a botnet that mines for Monero cryptocurrency. "This advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to compromise a large number of Redis servers," the researchers said.

Microsoft Urges Customers to Secure On-Premises Exchange Servers
2023-01-28 10:42

Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads."Attackers looking to exploit unpatched Exchange servers are not going to go away," the tech giant's Exchange Team said in a post.

Microsoft to enterprises: Patch your Exchange servers
2023-01-28 01:03

Microsoft is urging organizations to protect their Exchange servers from cyberattacks by keeping them updated and hardened, since online criminals are still going after valuable data in the email system. Enterprises need to make sure to install the latest Cumulative Updates and Security Updates on the Exchange servers - and occasionally on Exchange Management Tools workstations - and to run manual tasks like enabling Extended Protection and certificate signing of PowerShell serialization payloads, according to the vendor's Exchange Team.

Hive ransomware servers shut down at last, says FBI
2023-01-27 19:58

Six months ago, according to the US Department of Justice, the Federal Bureau of Investigation infiltrated the Hive ransomware gang and started "Stealing back" the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two associated groups of cybercriminals.

Microsoft urges admins to patch on-premises Exchange servers
2023-01-26 23:02

Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update to have them always ready to deploy an emergency security update. "To defend your Exchange servers against attacks that exploit known vulnerabilities, you must install the latest supported CU and the latest SU," The Exchange Team said.

Ransomware severs 1,000 ships from on-shore servers
2023-01-19 11:01

A Norwegian maritime risk management business is getting a lesson in that very area, after a ransomware attack forced its ShipManager software offline and left 1,000 ships without a connection to on-shore servers. DNV said the attack happened on January 7, and updated its report yesterday to say it involved ransomware - but affected vessels are not in any danger and can still operate normally, it added.

Cacti servers under attack by attackers exploiting CVE-2022-46169
2023-01-16 11:21

If you're running the Cacti network monitoring solution and you haven't updated it since early December, now is the time to do it to foil attackers exploiting a critical command injection flaw. Cacti is an open-source front-end app for RRDtool, a system for logging and graphing time series data, i.e., data from sensors and systems that is recorded / collected at regular intervals to create an evolving picture of what one wants to monitor.

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
2023-01-14 08:11

A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a patched version of Cacti.