Security News

Wynncraft, one of the largest Minecraft servers, was recently hit by a 2.5 Tbps distributed denial-of-service attack. It was a multi-vector attack that lasted for about two minutes and consisted of UDP and TCP floods packets attempting to overwhelm the server and keep out hundreds of thousands of players, DDoS mitigation company Cloudflare says.

Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. Of the 85 bugs,...

VMware informed customers today that vCenter Server 8.0 is still waiting for a patch to address a high-severity privilege escalation vulnerability disclosed in November 2021. VMware says this flaw can only be exploited by attackers using a vector network adjacent to the targeted server as part of high-complexity attacks requiring low privileges and no user interaction.

Lockbit ransomware affiliates are encrypting victims via Microsoft Exchange servers hacked using exploits targeting unpatched vulnerabilities. In at least one such incident from July 2022, the attackers used a previously deployed web shell on a compromised Exchange server to escalate privileges to Active Directory admin, steal roughly 1.3 TB of data, and encrypt network systems.

Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server. To that end, the tech giant has revised the blocking rule in IIS Manager from ".

Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world.

Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premise servers is far from enough. Threat actors are already chaining both of these zero-day bugs in active attacks to breach Microsoft Exchange servers and achieve remote code execution.

The U.S. Cybersecurity and Infrastructure Security Agency on Friday added a recently disclosed critical flaw impacting Atlassian's Bitbucket Server and Data Center to the Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. Tracked as CVE-2022-36804, the issue relates to a command injection vulnerability that could allow malicious actors to gain arbitrary code execution on susceptible installations by sending a specially crafted HTTP request.

The Cybersecurity and Infrastructure Security Agency has added three more security flaws to its list of bugs exploited in attacks, including a Bitbucket Server RCE and two Microsoft Exchange zero-days.While Microsoft hasn't yet released security updates to address this pair of actively exploited bugs, it shared mitigation measures requiring customers to add an IIS server blocking rule that would block attack attempts.

Security researchers have warned a zero-day flaw in Microsoft's Exchange server is being actively exploited. A second flaw, ZDI-CAN-18802, is rated 6.3/10. "Details of the flaws are scanty, with GTSC's post detailing its observations of webshells with Chinese characteristics being dropped onto Exchange servers. Those webshells then"injects malicious DLLs into the memory, drops suspicious files on the attacked servers, and executes these files through the Windows Management Instrumentation Command line.