Security News

The BlackByte ransomware gang is now breaching corporate networks by exploiting Microsoft Exchange servers using the ProxyShell vulnerabilities. Since researchers disclosed the vulnerabilities, threat actors have begun to exploit them to breach servers and install web shells, coin miners, and ransomware.

JetBrains has introduced remote development for its range of IDEs as well as previewing a new IDE called Fleet, which will form the basis for fresh tools covering all major programming languages. JetBrains has a core IDE used for the IntelliJ IDEA Java tool as well other IDEs such as Android Studio, the official programming environment for Google Android, PyCharm for Python, Rider for C#, and so on.

Microsoft has confirmed a new issue impacting Windows Server devices preventing the Microsoft Defender for Endpoint security solution from launching on some systems. The enterprise endpoint security platform might fail to start or run on devices with a Windows Server Core installation.

A high-severity security vulnerability in CloudLinux's Imunify360 cybersecurity platform could lead to arbitrary code execution and web-server takeover, according to researchers. Imunify360 is a security platform for Linux-based web servers that allows users to configure various settings for real-time website protection and web-server security.

Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. TrendMicro researchers have discovered an interesting tactic used of distributing malicious email to a company's internal users using the victim's compromised Microsoft exchange servers.

Some Tesla owners worldwide are unable to unlock or communicate with their cars using the app due to an outage of the company's servers. Starting around 4 PM EST, Tesla owners have taken to social media reporting that the Tesla app is returning a "500 server error" when attempting to communicate with the car.

If you've ever had a need to SSH into a Windows machine, Jack Wallen shows you how to make that possible with the help of PowerShell. I'm going to walk you through the process of installing the OpenSSH Server on Windows 10, configuring it to start at boot, and then show you how to log in from a Linux machine.

Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. "After a day and a half, the attacker found a file upload vulnerability in one of the store's plugins. S/he then uploaded a webshell and modified the server code to intercept customer data."

Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. "After a day and a half, the attacker found a file upload vulnerability in one of the store's plugins. S/he then uploaded a webshell and modified the server code to intercept customer data."

Microsoft has released out-of-band updates to address authentication failures related to Kerberos delegation scenarios impacting Domain Controllers running supported versions of Windows Server. These issues affect systems running Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. The emergency updates address "a known issue that might cause authentication failures related to Kerberos tickets you acquired from Service for User to Self," a Microsoft announcement explained on Sunday.