Security News

A webshell called BumbleBee has taken flight in an ongoing xHunt espionage campaign that has targeted Microsoft Exchange servers at Kuwaiti organizations. "We found BumbleBee hosted on an internal Internet Information Services web server on the same network as the compromised Exchange server, as well as on two internal IIS web servers at two other Kuwaiti organizations," researchers explained in a Monday blog.

After a few months in preview, Microsoft has made Defender Endpoint Detection and Response generally available for Linux servers. Microsoft has extended its Defender product over multiple platforms throughout the last year or so, having shaved the "Windows" prefix from the system.

Jack Wallen shows you an easy way to determine if your Linux server is under a DDoS attack and how to quickly stop it. How? In this piece I'm going to show you a few commands that can help you discern if your server is being hit by a denial of service attack, which comes from a single IP address and attempts to cripple a website to render its server inaccessible.

The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. "On December 24, 2020, the Department of Justice's Office of the Chief Information Officer learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others," DoJ spokesperson Marc Raimondi said in a short statement.

A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. The C2 server is used to host the bash or PowerShell dropper script, a Golang-based binary worm, and the XMRig miner deployed to surreptitiously mine for untraceable Monero cryptocurrency on infected devices.

Vendor revenue in the worldwide server market grew 2.2% year over year to $22.6 billion during the third quarter of 2020, according to IDC. Worldwide server shipments declined 0.2% year over year to nearly 3.1 million units in 3Q20. Volume server revenue was up 5.8% to $19.0 billion, while midrange server revenue declined 13.9% to $2.6 billion, and high-end servers declined by 12.6% to $937 million. "Global demand for enterprise servers was a bit muted during the third quarter of 2020 although we did see areas of strong demand," said Paul Maguranis, senior research analyst, Infrastructure Platforms and Technologies at IDC. "From a regional perspective, server revenue within China grew 14.2% year over year. And worldwide revenues for servers running AMD CPUs were up 112.4% year over year while ARM-based servers grew revenues 430.5% year over year, albeit on a very small base of revenue."

The blockchain domains of Joker's Stash, a popular underground marketplace for stolen payment card data, have been seized by law enforcement. What the two law enforcement agencies apparently managed to do was to seize proxy servers that were used in connection with the Joker's Stash blockchain domains.

"As a result of COVID-19 and associated global trends, demand for malicious and illicit goods, services and data have reached new peak highs across dark web marketplaces," said researchers in a Friday analysis. Upon a deep-dive investigation into the underground marketplace, researchers found that the pricing for stolen payment cards has soared in 2020; jumping from $14.64 in 2019 to $20.16 in 2020.

AWS IoT Core for LoRaWAN is a fully managed service that enables enterprise IoT developers to easily connect low power wireless devices over long range, wide-area networks to AWS without developing or operating their own LoRaWAN server. To get started with AWS IoT Core for LoRaWAN, IoT developers can source AWS qualified gateways operating the LoRaWAN protocol from the AWS Partner Device Catalog and select an array of LoRaWAN CertifiedCM devices from the LoRa Alliance website.

Hewlett Packard Enterprise has disclosed a zero-day bug in the latest versions of its proprietary HPE Systems Insight Manager software for Windows and Linux. HPE SIM is a management and remote support automation solution for multiple HPE servers, storage, and networking products including but not limited to HPE ProLiant Gen10 and HPE ProLiant Gen9 Servers.