Security News

New TsuNAME DNS bug allows attackers to DDoS authoritative DNS servers
2021-05-06 17:40

Attackers can use a newly disclosed domain name server vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web domains to IP addresses and pass this info to recursive DNS servers that get queried by regular users' web browsers when trying to connect to a specific website.

How to integrate Linux Malware Detection and ClamAV for automated malware detection on Linux servers
2021-05-06 16:00

Jack Wallen walks you through the steps of installing both Linux Malware Detection and ClamAV for a reliable one-two punch of malware and virus prevention. With your Linux servers, you might have any number of users logging in and saving files to numerous directories.

JET engine flaws can crash Microsoft's IIS, SQL Server, say Palo Alto researchers
2021-05-06 04:59

A trio of researchers at Palo Alto Networks has detailed vulnerabilities in the JET database engine, and demonstrated how those flaws can be exploited to ultimately execute malicious code on systems running Microsoft's SQL Server and Internet Information Services web server.In a talk today at Black Hat Asia titled Give Me a SQL Injection, I Shall PWN IIS and SQL Server, the three explained they found the JET engine - for years an underlying tech for Microsoft Access and other products, and still downloadable today - has many vulnerabilities.

Raft of Exim Security Holes Allow Linux Mail Server Takeovers
2021-05-05 18:15

A veritable cornucopia of security vulnerabilities in the Exim mail server have been uncovered, some of which could be chained together for unauthenticated remote code execution, gaining root privileges and worm-style lateral movement, according to researchers. "Exim Mail Servers are used so widely and handle such a large volume of the internet's traffic that they are often a key target for hackers," Jogi said, noting that last year, a vulnerability in Exim was a target of the Russian advanced persistent threat known as Sandworm.

21 nails in Exim mail server: Vulnerabilities enable 'full remote unauthenticated code execution', millions of boxes at risk
2021-05-05 17:20

Researchers at security biz Qualys discovered 21 vulnerabilities in Exim, a popular mail server, which can be chained to obtain "a full remote unauthenticated code execution and gain root privileges on the Exim Server." Exim is a mail transfer agent, responsible for receiving and forwarding email messages.

Qualys Flags Gaping Security Holes in Exim Mail Server
2021-05-04 19:31

Security researchers document 21 major security vulnerabilities in Exim and warn that users are exposed to remote code execution flaws. Security researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors.

Critical 21Nails Exim bugs expose millions of servers to attacks
2021-05-04 15:46

Newly discovered critical vulnerabilities in the Exim mail transfer agent software allow unauthenticated remote attackers to execute arbitrary code and gain root privilege on mail servers with default or common configurations. All versions released before Exim 4.94.2 are vulnerable to attacks attempting to exploit the 21Nails vulnerabilities.

BIND Vulnerabilities Expose DNS Servers to Remote Attacks
2021-04-30 08:53

The Internet Systems Consortium has released updates for the BIND DNS software to patch several vulnerabilities that can be exploited for denial-of-service attacks and one possibly even for remote code execution. Only servers using a certain feature with non-default configurations are vulnerable to attacks, but ISC suggested these types of servers may not be uncommon.

Samsung launches PM1653, a 24G SAS SSD to handle AI and big data in enterprise servers
2021-04-28 00:30

Samsung announced its launch of the 24G SAS SSD the PM1653. The PM1653 is also the industry's first 24G SAS SSD made with sixth-generation V-NAND chips, enabling storage capacities from 800GB to 30.72TB for advanced enterprise server systems.

Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers
2021-04-23 08:00

Attackers are exploiting the ProxyLogon Microsoft Exchange Server flaws to co-opt vulnerable machines to a cryptocurrency botnet named Prometei, according to new research. "Prometei exploits the recently disclosed Microsoft Exchange vulnerabilities associated with the HAFNIUM attacks to penetrate the network for malware deployment, credential harvesting and more," Boston-based cybersecurity firm Cybereason said in an analysis summarizing its findings.