Posts

Showing posts with the label #2018

D3c3mb3r hackers exploit ThinkPHP flaw to hack thousands of Chinese websites

Image
  ThinkPHP flaw to hack thousands of Chinese websites A hacker group named D3c3mb3r has been found exploiting the vulnerability in the wild. Another hacker group was also found exploiting the vulnerability to infect servers with the Miori malware. A bug in the ThinkPHP framework has left over 45,000 websites open to a barrage of attacks. Hackers have been exploiting the bug to gain access to web servers. A hacker group named D3c3mb3r has been found exploiting the vulnerability in the wild. Another hacker group was also found exploiting the vulnerability to infect servers with the Miori malware. According to the attacks began after a Chinese cybersecurity firm, VulnSpy, posted a proof-of-concept (PoC) of the exploit for ThinkPHP on ExploitDB - a popular website that hosts free exploit code. The PoC points out that by exploiting the vulnerability, attackers could execute malicious code on the underlying server. "The PoC was published on December 11, and we saw internet-wide scans le...

Thousands of Jenkins servers will let anonymous users become admins

Image
  Two vulnerabilities discovered and patched over the summer expose Jenkins servers to mass exploitation. Thousands, if not more, Jenkins servers are vulnerable to data theft, takeover, and cryptocurrency mining attacks. This is because hackers can exploit two vulnerabilities to gain admin rights or log in using invalid credentials on these servers. Both vulnerabilities were discovered by security researchers from CyberArk , were privately reported to the Jenkins team, and received fixes over the summer. But despite patches for both issues, there are still thousands of Jenkins servers available online Jenkins  is a web application for  continuous integration  built in Java that allows development teams to run automated tests and commands on code repositories based on test results, and even automate the process of deploying new code to production servers. Jenkins is a popular component in many companies' IT infrastructure and these servers are very popular with both f...

Microsoft Edge: What went wrong, what's next

Image
  Microsoft's grand browser experiment flopped in the marketplace, so the company is turning to an unlikely successor: the open-source Chromium project. Can it succeed where EdgeHTML failed? Microsoft today confirmed the rumors that have been swirling all week. As part of a sweeping change to one of the flagship components of Windows 10, it will rebuild its Microsoft Edge browser from the ground up, ripping out its proprietary EdgeHTML rendering engine and replacing it with the open-source Chromium code base. Yes,  that  Chromium. The same one that's at the heart of archrival Google's Chrome browser. Mary Jo Foley has the details here:  "Microsoft's Edge to morph into a Chromium-based, cross-platform browser." It's an extraordinary capitulation from Microsoft, which has spent nearly four years and a staggering amount of engineering effort on a quixotic campaign to convince Windows 10 users to ditch their current browser in favor of Microsoft Edge. That eff...

More Than 100,000 PCs in China Infected by New Ransomware Strain

Image
  A new ransomware strain successfully infected more than 100,000 personal computers in China over a period of just four days. According to a  report  from Velvet Security, the first samples of this ransomware broke out on 1 December after users installed multiple social media-themed apps including “Account Operation V3.1,” an app designed to help users manage multiple QQ accounts. The Chinese anti-virus firm subsequently monitored the threat over the next few days. By the evening of 4 December, firm had identified at least 100,000 infections by the yet-unnamed virus. A screenshot of the ransomware. (Source: ZDNet) This particular threat stands out for several reasons. First, it doesn’t just lock users’ computers and encrypt their files. It also comes with a component designed to steal victims’ login credentials for Chinese digit wallet services, personal  cloud  file hosting platforms, email providers and online shopping portals. Second, the ransomware doesn’t ...

Dell announces security breach due to unauthorised intruder

Image
Company says it detected an intrusion at the start of the month, but financial data was not exposed. US-based hardware giant Dell announced today a security breach that took place earlier this month, on November 9. Dell says it detected an unauthorized intruder (or intruders) "attempting to extract Dell.com customer information" from its systems, such as customer names, email addresses, and hashed passwords. The company didn't go into details about the complexity of the password hashing algorithm, but some of these --such as MD5-- can be broken within seconds to reveal the plaintext password. "Though it is possible some of this information was removed from Dell's network, our investigations found no conclusive evidence that any was extracted," Dell said today in a   press release . In a statement, Dell said it's still investigating the incident, but said the breach wasn't extensive, with the company's engineers detecting the...

New Linux crypto-miner steals your root password and disables your antivirus

Image
Trojan also installs a rootkit and another strain of malware that can execute DDoS attacks. Malware targeting Linux users may not be as widespread as the strains targeting the Windows ecosystem, but Linux malware is becoming just as complex and multi-functional as time passes by. The latest example of this trend is a new trojan discovered this month by Russian antivirus maker Dr.Web. This new malware strain doesn't have a distinctive name, yet, being only tracked under its generic detection name of Linux.BtcMine.174. But despite the generic name, the trojan is a little bit more complex than most Linux malware, mainly because of the plethora of malicious features it includes. The trojan itself is a giant shell script of over 1,000 lines of code. This script is the first file executed on an infected Linux system. The first thing this script does is to find a folder on disk to which it has write permissions so it can copy itself and later use to download other modules. O...

Workday customers starting to run on AWS Cloud

Image
Workday said the early batch of customers running its finance and HR software on AWS represents a milestone. Workday is beginning to scale customers who are running the company's finance and human resources software on Amazon Web Services. While multiple software providers such as Infor, Salesforce and SAP have customers running their products on AWS, Workday's move to the public cloud is relatively new. Workday said customers running its software on AWS "signals a milestone" and broadens the company's reach. At Workday Rising Europe, the company highlighted Twitch and Fresche Solutions as customers running Workday applications on top of AWS. The company added that Workday Financial Management and Human Capital Management is available to enterprises based in the U.S. and Canada. Workday will extend AWS support to Germany in the first half of 2019 and expand to other geographies. Workday said running on AWS gives it more freedom to choose how and wh...

The Samsung foldable phone is here and will be in customer hands shortly

Image
A tantalizing glimpse was all Samsung gave. It was still enough to make one ponder. He just   pulled it out of his inside jacket pocket , as if this was just another little thing he carried around with him all the time. And there it was. What is the core excitement here? The sheer relief that it's possible to have a phone that folds? Well, what, exactly? A   camouflaged phone   created to show off Samsung's Infinity Flex Display, the fancy wording for the company's new foldable phone. Samsung's SVP of Mobile Product Marketing, Justin Denison, was effusive at yesterday's Samsung Developer Conference. He used creative phrases such as "taking it to the next level" and "big milestone." He insisted he was "honored" to reveal this whole new generation of smartphones.And then he held the phone up and unfolded it. At least one gasp was heard. "When it's open, it's a tablet offering a big screen experience,...

Intel CPUs impacted by new PortSmash vulnerability

Image
Vulnerability confirmed on Skylake and Kaby Lake CPU series. Researchers suspect AMD processors are also impacted. Intel processors are impacted by a new vulnerability that can allow attackers to leak encrypted data from the CPU's internal processes. The new vulnerability, which has received the codename of PortSmash, has been discovered by a team of five academics from the Tampere University of Technology in Finland and Technical University of Havana, Cuba. Researchers have classified PortSmash as a  side-channel attack . In computer security terms, a side-channel attack describes a technique used for leaking encrypted data from a computer's memory or CPU, which works by recording and analyzing discrepancies in operation times, power consumption, electromagnetic leaks, or even sound to gain additional info that may help break encryption algorithms and recovering the CPU's processed data. Researchers say PortSmash impacts all CPUs that use a  Simultaneous Mu...

Oracle acquires DataFox, brings AI-based company data management to cloud apps

Image
DataFox uses artificial intelligence to help clients gain an up-to-date view of customer accounts and organizations. Oracle   has announced plans to acquire data management and AI solutions provider DataFox. Financial details were not disclosed. Founded in 2013, San Francisco, CA-based   DataFox   is the developer of an artificial intelligence (AI)-based engine which automatically locates and pulls the most current information available on public and private businesses. The engine currently manages the information of over 2.8 million companies, with 1.2 million being added on an annual basis. Customers, including Goldman Sachs, Bain & Company and Twilio, use the platform for account management, lead generation, and to keep customer-relationship management (CRM) solutions current. On Monday,   Oracle said   the acquisition will merge DataFox technologies with Oracle Cloud Applications, giving customers an "extensive set of trusted company-level ...

Zero-day in popular jQuery plugin actively exploited for at least three years!!

Image
A fix is out but the plugin is used in hundreds, if not thousands, of projects. Patching will take ages! For at least three years, hackers have abused a zero-day in one of the most popular jQuery plugins to plant web shells and take over vulnerable web servers. The vulnerability impacts the  jQuery File Upload  plugin authored by prodigious German developer Sebastian Tschan, most commonly known as Blueimp . The plugin is the second most starred jQuery project on GitHub, after the jQuery framework itself. It is immensely popular, has been forked over 7,800 times, and has been integrated into hundreds, if not thousands, of other projects, such as CMSs, CRMs, Intranet solutions, WordPress plugins, Drupal add-ons, Joomla components, and so on. A vulnerability in this plugin would be devastating, as it could open gaping security holes in a lot of platforms installed in a lot of sensitive places. This worse case scenario is exactly what happened. Earlier this yea...

Microsoft takes another step to fight patent trolls by joining the LOT Network

Image
Microsoft is joining the 300-member LOT Network in a move meant to advance the company's campaign against patent trolls. Last year, Microsoft created the  Azure IP Advantage program , which was designed to defend and indemnify developers against claims of intellectual property infringement. On October 4 this year, Microsoft took another step toward  combating patent trolls by joining the LOT Network . The LOT Network  is a nonprofit community working to fight trolls. The group has nearly 300 members, covering approximately 1.35 million patents, Microsoft officials said. Members include Amazon, Canon, Cisco, Lenovo, Red Hat Google, Lyft, Oracle, Salesforce, SAP and Tesla, to name a few. Members are free to cross-license, assert, sell or do nothing with their patents. But if any member of the LOT Network sells a patent to a troll, all LOT members automatically get a free license to that patent. According to the LOT Network officials, the average cost to defen...

Ten scenarios where edge computing can bring new value to the world

Image
Edge computing use cases span manufacturing, security, healthcare, and more. By 2022, more than half of enterprise data will be produced and processed outside traditional data centers and clouds -- up from about 10 percent currently, according to a  Gartner report . "The number of our enterprises who are saying edge is part of their core strategy has doubled in a year," said  Thomas Bittman , vice president and distinguished analyst at Gartner. "We think by next year about half of enterprises will have edge as a part of their strategy." The rise of edge computing has helped companies analyze information in near real-time, and create new value around Internet of Things (IoT) devices and data. However, there is no standard formula for implementing edge computing, Bittman said. "The biggest benefit is to be able to exploit data and insight faster," said  Brian Hopkins , vice president and principal analyst at Forrester. "Closing the gap betw...