Latest Server news

Ukraine claims it hacked Russian Ministry of Defense servers

The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole sensitive documents.
- Bill Toulas
- March 04, 2024
- 10:41 AM
- 1
45k Jenkins servers exposed to RCE attacks using public exploits

Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2024-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation.
- Bill Toulas
- January 29, 2024
- 05:06 PM
- 0
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks

Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws.
- Ionut Ilascu
- December 02, 2023
- 01:54 PM
- 0
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability.
- Bill Toulas
- November 01, 2023
- 02:05 PM
- 0
Hackers actively exploiting Openfire flaw to encrypt servers

Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers.
- Bill Toulas
- September 26, 2023
- 10:20 AM
- 0
Toyota says filled disk storage halted Japan-based factories

Toyota says a recent disruption of operations in Japan-based production plants was caused by its database servers running out of storage space.
- Bill Toulas
- September 06, 2023
- 09:47 AM
- 1
P2PInfect server botnet spreads using Redis replication feature

Threat actors are actively targeting exposed instances of the Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows and Linux that the malware authors named P2Pinfect.
- Ionut Ilascu
- July 31, 2023
- 11:31 AM
- 0
Lazarus hackers hijack Microsoft IIS servers to spread malware

The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution.
- Bill Toulas
- July 24, 2023
- 04:34 PM
- 0
Critical AMI MegaRAC bugs can let hackers brick vulnerable servers

Two new critical severity vulnerabilities have been discovered in the MegaRAC Baseboard Management Controller (BMC) software made by hardware and software company American Megatrends International.
- Sergiu Gatlan
- July 20, 2023
- 12:30 PM
- 0
Hackers infect Linux SSH servers with Tsunami botnet malware

An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner.
- Bill Toulas
- June 20, 2023
- 01:50 PM
- 3
Emby shuts down user media servers hacked in recent attack

Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration.
- Sergiu Gatlan
- May 26, 2023
- 10:56 AM
- 2
CloudPanel installations use the same SSL certificate private key

Self-hosted web administration solution CloudPanel was found to have several security issues, including using the same SSL certificate private key across all installations and unintentional overwriting of firewall rules to default to weaker settings.
- Bill Toulas
- March 23, 2023
- 11:56 AM
- 0
Breached hacking forum shuts down, fears it's not 'safe' from FBI

The notorious Breached hacking forum has shut down after the remaining administrator, Baphomet, disclosed that they believe law enforcement has access to the site's servers.
- Bill Toulas
- March 21, 2023
- 12:20 PM
- 1
Thousands of Citrix servers vulnerable to patched critical flaws

Thousands of Citrix ADC and Gateway deployments remain vulnerable to two critical-severity security issues that the vendor fixed in recent months.
- Bill Toulas
- December 28, 2022
- 12:28 PM
- 0
Severe AMI MegaRAC flaws impact servers from AMD, ARM, HPE, Dell, others

Three vulnerabilities in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact server equipment used in many cloud service and data center providers.
- Bill Toulas
- December 05, 2022
- 10:07 AM
- 0
New Redigo malware drops stealthy backdoor on Redis servers

A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution.
- Bill Toulas
- December 01, 2022
- 01:45 PM
- 0
Microsoft updates mitigation for ProxyNotShell Exchange zero days

Microsoft has updated the mitigation for the latest Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, also referred to ProxyNotShell.
- Ionut Ilascu
- October 05, 2022
- 08:58 AM
- 0
Ransomware gang's Cobalt Strike servers DDoSed with anti-Russia messages

Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity.
- Ionut Ilascu
- September 07, 2022
- 09:09 AM
- 4
Thousands of hackers flock to 'Dark Utilities' C2-as-a-Service

Security researchers found a new service called Dark Utilities that provides an easy and inexpensive way for cybercriminals to set up a command and control (C2) center for their malicious operations.
- Bill Toulas
- August 04, 2022
- 03:00 PM
- 0
Privacy protection agency seizes servers of hacked travel company

The Privacy Protection Authority in Israel seized servers hosting multiple travel booking websites because their operator failed to address security issues that enabled data breaches affecting more than 300,000 individuals.
- Ionut Ilascu
- July 03, 2022
- 03:34 PM
- 0