Security News

Over half of exposed Exchange servers are still vulnerable to a severe bug that allows authenticated attackers to execute code remotely with system privileges - even eight months after Microsoft issued a fix. The flaw, which stems from the server failing to properly create unique keys at install time, was fixed as part of Microsoft's February Patch Tuesday updates - and admins in March were warned that unpatched servers are being exploited in the wild by unnamed advanced persistent threat actors.

HP Device Manager, software that allows IT administrators to manage HP Thin Client devices, comes with a backdoor database user account that undermines network security, a UK-based consultant has warned. Nicky Bloor, founder of Cognitous Cyber Security, reports that an HP Inc programmer appears to have set up an insecure user account in a database within HP Device Manager.

HP Device Manager, software that allows IT administrators to manage HP Thin Client devices, comes with a backdoor database user account that undermines network security, a UK-based consultant has warned. Nicky Bloor, founder of Cognitous Cyber Security, reports that an HP Inc programmer appears to have set up an insecure user account in a database within HP Device Manager.

Someone has leaked what appear to be source code files for the Windows XP and Windows Server 2003 operating systems. The source code files for Windows XP and Windows Server 2003 appear to have been made public for the first time.

SEE: Pro tips: Ubuntu 20.04.What you'll needAn instance of Ubuntu Server 20.04.A user with sudo privileges. Sudo apt-get update sudo apt-get upgrade -y How to install Java.

Microsoft earlier this month exposed a 6.5TB Elastic server to the world that included search terms, location coordinates, device ID data, and a partial list of which URLs were visited. The data appears to be generated by the Bing mobile app, which promises users "Getting rewarded is easy, just search with the Bing," and has been downloaded more than 10 million times from Google's Play Store at least.

If you're administrating Windows Server, make sure it's up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller. Dubbed 'Zerologon' and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the insecure usage of AES-CFB8 encryption for Netlogon sessions, allowing remote attackers to establish a connection to the targeted domain controller over Netlogon Remote Protocol.

Administrators running Samba as their domain controllers should update their installations as the open-source software suffers from the same ZeroLogon hole as Microsoft's Windows Server. We're told Samba running as an Active Directory or classic NT4-style domain controller is at risk, and although file-server-only installations are not directly affected, "They may need configuration changes to continue to talk to domain controllers."

WizCase experts have identified an unprotected Elasticsearch server that contained terabytes of data pertaining to users of Microsoft's Bing mobile application. White hat hacker Ata Hakcil, who identified the leak, was able to confirm that the Elasticsearch server belonged to Microsoft's Bing mobile app by installing the application and running a search for WizCase.

A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. "Based on the sheer amount of data, it is safe to speculate that anyone who has made a Bing search with the mobile app while the server has been exposed is at risk," said WizCase's Chase Williams in a Monday post.