Security News
Windows Remote Desktop Protocol servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service attacks. The Microsoft RDP service is a built-in Windows service running on TCP/3389 and/or UDP/3389 that enables authenticated remote virtual desktop infrastructure access to Windows servers and workstations.
Windows Remote Desktop Protocol servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service attacks. The Microsoft RDP service is a built-in Windows service running on TCP/3389 and/or UDP/3389 that enables authenticated remote virtual desktop infrastructure access to Windows servers and workstations.
A couple of researchers claim they have earned $50,000 from Apple for finding some serious vulnerabilities that gave them access to the tech giant's servers. Harsh Jaiswal and Rahul Maini, India-based bug bounty hunters who specialize in application security, said they discovered the flaws in recent months, being inspired by a group of researchers who in October reported receiving hundreds of thousands of dollars from Apple for a total of 55 vulnerabilities, including ones that exposed source code, iCloud accounts, warehouse software, and employee and customer apps.
A webshell called BumbleBee has taken flight in an ongoing xHunt espionage campaign that has targeted Microsoft Exchange servers at Kuwaiti organizations. "We found BumbleBee hosted on an internal Internet Information Services web server on the same network as the compromised Exchange server, as well as on two internal IIS web servers at two other Kuwaiti organizations," researchers explained in a Monday blog.
After a few months in preview, Microsoft has made Defender Endpoint Detection and Response generally available for Linux servers. Microsoft has extended its Defender product over multiple platforms throughout the last year or so, having shaved the "Windows" prefix from the system.
Jack Wallen shows you an easy way to determine if your Linux server is under a DDoS attack and how to quickly stop it. How? In this piece I'm going to show you a few commands that can help you discern if your server is being hit by a denial of service attack, which comes from a single IP address and attempts to cripple a website to render its server inaccessible.
The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. "On December 24, 2020, the Department of Justice's Office of the Chief Information Officer learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others," DoJ spokesperson Marc Raimondi said in a short statement.
A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. The C2 server is used to host the bash or PowerShell dropper script, a Golang-based binary worm, and the XMRig miner deployed to surreptitiously mine for untraceable Monero cryptocurrency on infected devices.
Vendor revenue in the worldwide server market grew 2.2% year over year to $22.6 billion during the third quarter of 2020, according to IDC. Worldwide server shipments declined 0.2% year over year to nearly 3.1 million units in 3Q20. Volume server revenue was up 5.8% to $19.0 billion, while midrange server revenue declined 13.9% to $2.6 billion, and high-end servers declined by 12.6% to $937 million. "Global demand for enterprise servers was a bit muted during the third quarter of 2020 although we did see areas of strong demand," said Paul Maguranis, senior research analyst, Infrastructure Platforms and Technologies at IDC. "From a regional perspective, server revenue within China grew 14.2% year over year. And worldwide revenues for servers running AMD CPUs were up 112.4% year over year while ARM-based servers grew revenues 430.5% year over year, albeit on a very small base of revenue."
The blockchain domains of Joker's Stash, a popular underground marketplace for stolen payment card data, have been seized by law enforcement. What the two law enforcement agencies apparently managed to do was to seize proxy servers that were used in connection with the Joker's Stash blockchain domains.