Technology

Network Configuration Audit

Network Configuration Audit – Why its More Important Than Ever Now?

Network Configuration Audit is more important than ever now. To best visualize how an enterprise network has changed over the past few months, all a network administrator must do is open their network monitoring system (MNS) and view the shift in data flows across the LAN, WAN, and network edge. While a significant part of …

Network Configuration Audit – Why its More Important Than Ever Now? Read More »

Zimbra Server Bug

New Bug Could Let Attackers Hijack Zimbra Server by Sending Malicious Email

Cybersecurity researchers of SonarSource have discovered multiple security vulnerabilities in Zimbra Email collaboration software that could be potentially exploited to compromise email accounts by sending a malicious email message and even achieve a full takeover of the mail server when hosted on a cloud infrastructure. The flaws which tracked as CVE-2021-35208 and CVE-2021-35208 were discovered and reported …

New Bug Could Let Attackers Hijack Zimbra Server by Sending Malicious Email Read More »

Zoom Phishing Scam Aims To Steal Login Credentials

As individuals and businesses become increasingly dependent on video conferencing to stay connected during the Covid-19 outbreak, fraudsters have used the opportunity to target users with a malicious Zoom phishing scam. The Zoom phishing scam begins with an email that impersonates a notification from the video conferencing platform. The email informs the recipient in different …

Zoom Phishing Scam Aims To Steal Login Credentials Read More »

Microsoft issues Guidance for DNS Cache Poisoning Vulnerability

Microsoft issued guidance on how to mitigate a DNS cache poisoning vulnerability reported by security researchers from the University of California and Tsinghua University. Successfully exploiting the vulnerability could allow attackers to use modified DNS records to redirect a target to a malicious website under their control as part of DNS spoofing (also known as DNS cache poisoning) attacks. …

Microsoft issues Guidance for DNS Cache Poisoning Vulnerability Read More »

Github Code Scanning – Vulnerability Scanner by Justin Hutchings

GitHub code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production. We’re thrilled to announce the general availability of code scanning. You can enable it on your public repository today! One year ago, GitHub welcomed Semmle. We’ve since worked to bring the revolutionary code analysis capabilities of its CodeQL technology to GitHub …

Github Code Scanning – Vulnerability Scanner by Justin Hutchings Read More »

Wormable Gitpaste-12 Botnet Returns to Target Linux Servers, IoT Devices

A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called “Gitpaste-12,” which used GitHub to host malicious code containing as …

Wormable Gitpaste-12 Botnet Returns to Target Linux Servers, IoT Devices Read More »

PgMiner botnet attacks weakly secured PostgreSQL databases

Security researchers have discovered this week a botnet operation that targets PostgreSQL databases to install a cryptocurrency miner. Codenamed by researchers as PgMiner, the botnet is just the latest in a long list of recent cybercrime operations that target web-tech for monetary profits. According to researchers at Palo Alto Networks’ Unit 42, the botnet operates by …

PgMiner botnet attacks weakly secured PostgreSQL databases Read More »

Microsoft exposes Adrozek, a malware that hijacks Chrome, Edge, and Firefox

Microsoft has raised the alarm today about a new malware strain that infects users’ devices and then proceeds to modify browsers and their settings in order to inject ads into search results pages. Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers – Microsoft 365 Defender Research Team Named Adrozek, the …

Microsoft exposes Adrozek, a malware that hijacks Chrome, Edge, and Firefox Read More »